Class: Aws::Macie2::Client

Inherits:
Seahorse::Client::Base show all
Includes:
ClientStubs
Defined in:
gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb

Overview

An API client for Macie2. To construct a client, you need to configure a :region and :credentials.

client = Aws::Macie2::Client.new(
  region: region_name,
  credentials: credentials,
  # ...
)

For details on configuring region and credentials see the developer guide.

See #initialize for a full list of supported configuration options.

Instance Attribute Summary

Attributes inherited from Seahorse::Client::Base

#config, #handlers

API Operations collapse

Instance Method Summary collapse

Methods included from ClientStubs

#api_requests, #stub_data, #stub_responses

Methods inherited from Seahorse::Client::Base

add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins

Methods included from Seahorse::Client::HandlerBuilder

#handle, #handle_request, #handle_response

Constructor Details

#initialize(options) ⇒ Client

Returns a new instance of Client.

Parameters:

  • options (Hash)

Options Hash (options):

  • :plugins (Array<Seahorse::Client::Plugin>) — default: []]

    A list of plugins to apply to the client. Each plugin is either a class name or an instance of a plugin class.

  • :credentials (required, Aws::CredentialProvider)

    Your AWS credentials. This can be an instance of any one of the following classes:

    • Aws::Credentials - Used for configuring static, non-refreshing credentials.

    • Aws::SharedCredentials - Used for loading static credentials from a shared file, such as ~/.aws/config.

    • Aws::AssumeRoleCredentials - Used when you need to assume a role.

    • Aws::AssumeRoleWebIdentityCredentials - Used when you need to assume a role after providing credentials via the web.

    • Aws::SSOCredentials - Used for loading credentials from AWS SSO using an access token generated from aws login.

    • Aws::ProcessCredentials - Used for loading credentials from a process that outputs to stdout.

    • Aws::InstanceProfileCredentials - Used for loading credentials from an EC2 IMDS on an EC2 instance.

    • Aws::ECSCredentials - Used for loading credentials from instances running in ECS.

    • Aws::CognitoIdentityCredentials - Used for loading credentials from the Cognito Identity service.

    When :credentials are not configured directly, the following locations will be searched for credentials:

    • Aws.config[:credentials]
    • The :access_key_id, :secret_access_key, :session_token, and :account_id options.
    • ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY'], ENV['AWS_SESSION_TOKEN'], and ENV['AWS_ACCOUNT_ID']
    • ~/.aws/credentials
    • ~/.aws/config
    • EC2/ECS IMDS instance profile - When used by default, the timeouts are very aggressive. Construct and pass an instance of Aws::InstanceProfileCredentials or Aws::ECSCredentials to enable retries and extended timeouts. Instance profile credential fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED'] to true.
  • :region (required, String)

    The AWS region to connect to. The configured :region is used to determine the service :endpoint. When not passed, a default :region is searched for in the following locations:

    • Aws.config[:region]
    • ENV['AWS_REGION']
    • ENV['AMAZON_REGION']
    • ENV['AWS_DEFAULT_REGION']
    • ~/.aws/credentials
    • ~/.aws/config
  • :access_key_id (String)
  • :account_id (String)
  • :active_endpoint_cache (Boolean) — default: false

    When set to true, a thread polling for endpoints will be running in the background every 60 secs (default). Defaults to false.

  • :adaptive_retry_wait_to_fill (Boolean) — default: true

    Used only in adaptive retry mode. When true, the request will sleep until there is sufficent client side capacity to retry the request. When false, the request will raise a RetryCapacityNotAvailableError and will not retry instead of sleeping.

  • :client_side_monitoring (Boolean) — default: false

    When true, client-side metrics will be collected for all API requests from this client.

  • :client_side_monitoring_client_id (String) — default: ""

    Allows you to provide an identifier for this client which will be attached to all generated client side metrics. Defaults to an empty string.

  • :client_side_monitoring_host (String) — default: "127.0.0.1"

    Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client side monitoring agent is running on, where client metrics will be published via UDP.

  • :client_side_monitoring_port (Integer) — default: 31000

    Required for publishing client metrics. The port that the client side monitoring agent is running on, where client metrics will be published via UDP.

  • :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher) — default: Aws::ClientSideMonitoring::Publisher

    Allows you to provide a custom client-side monitoring publisher class. By default, will use the Client Side Monitoring Agent Publisher.

  • :convert_params (Boolean) — default: true

    When true, an attempt is made to coerce request parameters into the required types.

  • :correct_clock_skew (Boolean) — default: true

    Used only in standard and adaptive retry modes. Specifies whether to apply a clock skew correction and retry requests with skewed client clocks.

  • :defaults_mode (String) — default: "legacy"

    See DefaultsModeConfiguration for a list of the accepted modes and the configuration defaults that are included.

  • :disable_host_prefix_injection (Boolean) — default: false

    Set to true to disable SDK automatically adding host prefix to default service endpoint when available.

  • :disable_request_compression (Boolean) — default: false

    When set to 'true' the request body will not be compressed for supported operations.

  • :endpoint (String, URI::HTTPS, URI::HTTP)

    Normally you should not configure the :endpoint option directly. This is normally constructed from the :region option. Configuring :endpoint is normally reserved for connecting to test or custom endpoints. The endpoint should be a URI formatted like:

    'http://example.com'
    'https://example.com'
    'http://example.com:123'
    
  • :endpoint_cache_max_entries (Integer) — default: 1000

    Used for the maximum size limit of the LRU cache storing endpoints data for endpoint discovery enabled operations. Defaults to 1000.

  • :endpoint_cache_max_threads (Integer) — default: 10

    Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.

  • :endpoint_cache_poll_interval (Integer) — default: 60

    When :endpoint_discovery and :active_endpoint_cache is enabled, Use this option to config the time interval in seconds for making requests fetching endpoints information. Defaults to 60 sec.

  • :endpoint_discovery (Boolean) — default: false

    When set to true, endpoint discovery will be enabled for operations when available.

  • :ignore_configured_endpoint_urls (Boolean)

    Setting to true disables use of endpoint URLs provided via environment variables and the shared configuration file.

  • :log_formatter (Aws::Log::Formatter) — default: Aws::Log::Formatter.default

    The log formatter.

  • :log_level (Symbol) — default: :info

    The log level to send messages to the :logger at.

  • :logger (Logger)

    The Logger instance to send log messages to. If this option is not set, logging will be disabled.

  • :max_attempts (Integer) — default: 3

    An integer representing the maximum number attempts that will be made for a single request, including the initial attempt. For example, setting this value to 5 will result in a request being retried up to 4 times. Used in standard and adaptive retry modes.

  • :profile (String) — default: "default"

    Used when loading credentials from the shared credentials file at HOME/.aws/credentials. When not specified, 'default' is used.

  • :request_min_compression_size_bytes (Integer) — default: 10240

    The minimum size in bytes that triggers compression for request bodies. The value must be non-negative integer value between 0 and 10485780 bytes inclusive.

  • :retry_backoff (Proc)

    A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay. This option is only used in the legacy retry mode.

  • :retry_base_delay (Float) — default: 0.3

    The base delay in seconds used by the default backoff function. This option is only used in the legacy retry mode.

  • :retry_jitter (Symbol) — default: :none

    A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number. This option is only used in the legacy retry mode.

    @see https://www.awsarchitectureblog.com/2015/03/backoff.html

  • :retry_limit (Integer) — default: 3

    The maximum number of times to retry failed requests. Only ~ 500 level server errors and certain ~ 400 level client errors are retried. Generally, these are throttling errors, data checksum errors, networking errors, timeout errors, auth errors, endpoint discovery, and errors from expired credentials. This option is only used in the legacy retry mode.

  • :retry_max_delay (Integer) — default: 0

    The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function. This option is only used in the legacy retry mode.

  • :retry_mode (String) — default: "legacy"

    Specifies which retry algorithm to use. Values are:

    • legacy - The pre-existing retry behavior. This is default value if no retry mode is provided.

    • standard - A standardized set of retry rules across the AWS SDKs. This includes support for retry quotas, which limit the number of unsuccessful retries a client can make.

    • adaptive - An experimental retry mode that includes all the functionality of standard mode along with automatic client side throttling. This is a provisional mode that may change behavior in the future.

  • :sdk_ua_app_id (String)

    A unique and opaque application ID that is appended to the User-Agent header as app/sdk_ua_app_id. It should have a maximum length of 50. This variable is sourced from environment variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.

  • :secret_access_key (String)
  • :session_token (String)
  • :sigv4a_signing_region_set (Array)

    A list of regions that should be signed with SigV4a signing. When not passed, a default :sigv4a_signing_region_set is searched for in the following locations:

    • Aws.config[:sigv4a_signing_region_set]
    • ENV['AWS_SIGV4A_SIGNING_REGION_SET']
    • ~/.aws/config
  • :stub_responses (Boolean) — default: false

    Causes the client to return stubbed responses. By default fake responses are generated and returned. You can specify the response data to return or errors to raise by calling ClientStubs#stub_responses. See ClientStubs for more information.

    Please note When response stubbing is enabled, no HTTP requests are made, and retries are disabled.

  • :telemetry_provider (Aws::Telemetry::TelemetryProviderBase) — default: Aws::Telemetry::NoOpTelemetryProvider

    Allows you to provide a telemetry provider, which is used to emit telemetry data. By default, uses NoOpTelemetryProvider which will not record or emit any telemetry data. The SDK supports the following telemetry providers:

    • OpenTelemetry (OTel) - To use the OTel provider, install and require the opentelemetry-sdk gem and then, pass in an instance of a Aws::Telemetry::OTelProvider for telemetry provider.
  • :token_provider (Aws::TokenProvider)

    A Bearer Token Provider. This can be an instance of any one of the following classes:

    • Aws::StaticTokenProvider - Used for configuring static, non-refreshing tokens.

    • Aws::SSOTokenProvider - Used for loading tokens from AWS SSO using an access token generated from aws login.

    When :token_provider is not configured directly, the Aws::TokenProviderChain will be used to search for tokens configured for your profile in shared configuration files.

  • :use_dualstack_endpoint (Boolean)

    When set to true, dualstack enabled endpoints (with .aws TLD) will be used if available.

  • :use_fips_endpoint (Boolean)

    When set to true, fips compatible endpoints will be used if available. When a fips region is used, the region is normalized and this config is set to true.

  • :validate_params (Boolean) — default: true

    When true, request parameters are validated before sending the request.

  • :endpoint_provider (Aws::Macie2::EndpointProvider)

    The endpoint provider used to resolve endpoints. Any object that responds to #resolve_endpoint(parameters) where parameters is a Struct similar to Aws::Macie2::EndpointParameters.

  • :http_continue_timeout (Float) — default: 1

    The number of seconds to wait for a 100-continue response before sending the request body. This option has no effect unless the request has "Expect" header set to "100-continue". Defaults to nil which disables this behaviour. This value can safely be set per request on the session.

  • :http_idle_timeout (Float) — default: 5

    The number of seconds a connection is allowed to sit idle before it is considered stale. Stale connections are closed and removed from the pool before making a request.

  • :http_open_timeout (Float) — default: 15

    The default number of seconds to wait for response data. This value can safely be set per-request on the session.

  • :http_proxy (URI::HTTP, String)

    A proxy to send requests through. Formatted like 'http://proxy.com:123'.

  • :http_read_timeout (Float) — default: 60

    The default number of seconds to wait for response data. This value can safely be set per-request on the session.

  • :http_wire_trace (Boolean) — default: false

    When true, HTTP debug output will be sent to the :logger.

  • :on_chunk_received (Proc)

    When a Proc object is provided, it will be used as callback when each chunk of the response body is received. It provides three arguments: the chunk, the number of bytes received, and the total number of bytes in the response (or nil if the server did not send a content-length).

  • :on_chunk_sent (Proc)

    When a Proc object is provided, it will be used as callback when each chunk of the request body is sent. It provides three arguments: the chunk, the number of bytes read from the body, and the total number of bytes in the body.

  • :raise_response_errors (Boolean) — default: true

    When true, response errors are raised.

  • :ssl_ca_bundle (String)

    Full path to the SSL certificate authority bundle file that should be used when verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

  • :ssl_ca_directory (String)

    Full path of the directory that contains the unbundled SSL certificate authority files for verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

  • :ssl_ca_store (String)

    Sets the X509::Store to verify peer certificate.

  • :ssl_cert (OpenSSL::X509::Certificate)

    Sets a client certificate when creating http connections.

  • :ssl_key (OpenSSL::PKey)

    Sets a client key when creating http connections.

  • :ssl_timeout (Float)

    Sets the SSL timeout in seconds

  • :ssl_verify_peer (Boolean) — default: true

    When true, SSL peer certificates are verified when establishing a connection.



444
445
446
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 444

def initialize(*args)
  super
end

Instance Method Details

#accept_invitation(params = {}) ⇒ Struct

Accepts an Amazon Macie membership invitation that was received from a specific account.

Examples:

Request syntax with placeholder values


resp = client.accept_invitation({
  administrator_account_id: "__string",
  invitation_id: "__string", # required
  master_account: "__string",
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :administrator_account_id (String)
  • :invitation_id (required, String)
  • :master_account (String)

Returns:

  • (Struct)

    Returns an empty response.

See Also:



473
474
475
476
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 473

def accept_invitation(params = {}, options = {})
  req = build_request(:accept_invitation, params)
  req.send_request(options)
end

#batch_get_custom_data_identifiers(params = {}) ⇒ Types::BatchGetCustomDataIdentifiersResponse

Retrieves information about one or more custom data identifiers.

Examples:

Request syntax with placeholder values


resp = client.batch_get_custom_data_identifiers({
  ids: ["__string"],
})

Response structure


resp.custom_data_identifiers #=> Array
resp.custom_data_identifiers[0].arn #=> String
resp.custom_data_identifiers[0].created_at #=> Time
resp.custom_data_identifiers[0].deleted #=> Boolean
resp.custom_data_identifiers[0].description #=> String
resp.custom_data_identifiers[0].id #=> String
resp.custom_data_identifiers[0].name #=> String
resp.not_found_identifier_ids #=> Array
resp.not_found_identifier_ids[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :ids (Array<String>)

Returns:

See Also:



509
510
511
512
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 509

def batch_get_custom_data_identifiers(params = {}, options = {})
  req = build_request(:batch_get_custom_data_identifiers, params)
  req.send_request(options)
end

#batch_update_automated_discovery_accounts(params = {}) ⇒ Types::BatchUpdateAutomatedDiscoveryAccountsResponse

Changes the status of automated sensitive data discovery for one or more accounts.

Examples:

Request syntax with placeholder values


resp = client.batch_update_automated_discovery_accounts({
  accounts: [
    {
      account_id: "__string",
      status: "ENABLED", # accepts ENABLED, DISABLED
    },
  ],
})

Response structure


resp.errors #=> Array
resp.errors[0]. #=> String
resp.errors[0].error_code #=> String, one of "ACCOUNT_PAUSED", "ACCOUNT_NOT_FOUND"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

Returns:

See Also:



544
545
546
547
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 544

def batch_update_automated_discovery_accounts(params = {}, options = {})
  req = build_request(:batch_update_automated_discovery_accounts, params)
  req.send_request(options)
end

#create_allow_list(params = {}) ⇒ Types::CreateAllowListResponse

Creates and defines the settings for an allow list.

Examples:

Request syntax with placeholder values


resp = client.create_allow_list({
  client_token: "__string", # required
  criteria: { # required
    regex: "__stringMin1Max512PatternSS",
    s3_words_list: {
      bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
      object_key: "__stringMin1Max1024PatternSS", # required
    },
  },
  description: "__stringMin1Max512PatternSS",
  name: "__stringMin1Max128Pattern", # required
  tags: {
    "__string" => "__string",
  },
})

Response structure


resp.arn #=> String
resp.id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_token (required, String)

    A suitable default value is auto-generated. You should normally not need to pass this option.**

  • :criteria (required, Types::AllowListCriteria)

    Specifies the criteria for an allow list. The criteria must specify a regular expression (regex) or an S3 object (s3WordsList). It can't specify both.

  • :description (String)
  • :name (required, String)
  • :tags (Hash<String,String>)

    A string-to-string map of key-value pairs that specifies the tags (keys and values) for an Amazon Macie resource.

Returns:

See Also:



600
601
602
603
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 600

def create_allow_list(params = {}, options = {})
  req = build_request(:create_allow_list, params)
  req.send_request(options)
end

#create_classification_job(params = {}) ⇒ Types::CreateClassificationJobResponse

Creates and defines the settings for a classification job.

Examples:

Request syntax with placeholder values


resp = client.create_classification_job({
  allow_list_ids: ["__string"],
  client_token: "__string", # required
  custom_data_identifier_ids: ["__string"],
  description: "__string",
  initial_run: false,
  job_type: "ONE_TIME", # required, accepts ONE_TIME, SCHEDULED
  managed_data_identifier_ids: ["__string"],
  managed_data_identifier_selector: "ALL", # accepts ALL, EXCLUDE, INCLUDE, NONE, RECOMMENDED
  name: "__string", # required
  s3_job_definition: { # required
    bucket_criteria: {
      excludes: {
        and: [
          {
            simple_criterion: {
              comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
              key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
              values: ["__string"],
            },
            tag_criterion: {
              comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
              tag_values: [
                {
                  key: "__string",
                  value: "__string",
                },
              ],
            },
          },
        ],
      },
      includes: {
        and: [
          {
            simple_criterion: {
              comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
              key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
              values: ["__string"],
            },
            tag_criterion: {
              comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
              tag_values: [
                {
                  key: "__string",
                  value: "__string",
                },
              ],
            },
          },
        ],
      },
    },
    bucket_definitions: [
      {
        account_id: "__string", # required
        buckets: ["__string"], # required
      },
    ],
    scoping: {
      excludes: {
        and: [
          {
            simple_scope_term: {
              comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
              key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
              values: ["__string"],
            },
            tag_scope_term: {
              comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
              key: "__string",
              tag_values: [
                {
                  key: "__string",
                  value: "__string",
                },
              ],
              target: "S3_OBJECT", # accepts S3_OBJECT
            },
          },
        ],
      },
      includes: {
        and: [
          {
            simple_scope_term: {
              comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
              key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
              values: ["__string"],
            },
            tag_scope_term: {
              comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
              key: "__string",
              tag_values: [
                {
                  key: "__string",
                  value: "__string",
                },
              ],
              target: "S3_OBJECT", # accepts S3_OBJECT
            },
          },
        ],
      },
    },
  },
  sampling_percentage: 1,
  schedule_frequency: {
    daily_schedule: {
    },
    monthly_schedule: {
      day_of_month: 1,
    },
    weekly_schedule: {
      day_of_week: "SUNDAY", # accepts SUNDAY, MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY
    },
  },
  tags: {
    "__string" => "__string",
  },
})

Response structure


resp.job_arn #=> String
resp.job_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :allow_list_ids (Array<String>)
  • :client_token (required, String)

    A suitable default value is auto-generated. You should normally not need to pass this option.**

  • :custom_data_identifier_ids (Array<String>)
  • :description (String)
  • :initial_run (Boolean)
  • :job_type (required, String)

    The schedule for running a classification job. Valid values are:

  • :managed_data_identifier_ids (Array<String>)
  • :managed_data_identifier_selector (String)

    The selection type that determines which managed data identifiers a classification job uses to analyze data. Valid values are:

  • :name (required, String)
  • :s3_job_definition (required, Types::S3JobDefinition)

    Specifies which S3 buckets contain the objects that a classification job analyzes, and the scope of that analysis. The bucket specification can be static (bucketDefinitions) or dynamic (bucketCriteria). If it's static, the job analyzes objects in the same predefined set of buckets each time the job runs. If it's dynamic, the job analyzes objects in any buckets that match the specified criteria each time the job starts to run.

  • :sampling_percentage (Integer)
  • :schedule_frequency (Types::JobScheduleFrequency)

    Specifies the recurrence pattern for running a classification job.

  • :tags (Hash<String,String>)

    A string-to-string map of key-value pairs that specifies the tags (keys and values) for an Amazon Macie resource.

Returns:

See Also:



786
787
788
789
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 786

def create_classification_job(params = {}, options = {})
  req = build_request(:create_classification_job, params)
  req.send_request(options)
end

#create_custom_data_identifier(params = {}) ⇒ Types::CreateCustomDataIdentifierResponse

Creates and defines the criteria and other settings for a custom data identifier.

Examples:

Request syntax with placeholder values


resp = client.create_custom_data_identifier({
  client_token: "__string",
  description: "__string",
  ignore_words: ["__string"],
  keywords: ["__string"],
  maximum_match_distance: 1,
  name: "__string", # required
  regex: "__string", # required
  severity_levels: [
    {
      occurrences_threshold: 1, # required
      severity: "LOW", # required, accepts LOW, MEDIUM, HIGH
    },
  ],
  tags: {
    "__string" => "__string",
  },
})

Response structure


resp.custom_data_identifier_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_token (String)

    A suitable default value is auto-generated. You should normally not need to pass this option.**

  • :description (String)
  • :ignore_words (Array<String>)
  • :keywords (Array<String>)
  • :maximum_match_distance (Integer)
  • :name (required, String)
  • :regex (required, String)
  • :severity_levels (Array<Types::SeverityLevel>)

    The severity to assign to findings that the custom data identifier produces, based on the number of occurrences of text that matches the custom data identifier's detection criteria. You can specify as many as three SeverityLevel objects in this array, one for each severity: LOW, MEDIUM, or HIGH. If you specify more than one, the occurrences thresholds must be in ascending order by severity, moving from LOW to HIGH. For example, 1 for LOW, 50 for MEDIUM, and 100 for HIGH. If an S3 object contains fewer occurrences than the lowest specified threshold, Amazon Macie doesn't create a finding.

    If you don't specify any values for this array, Macie creates findings for S3 objects that contain at least one occurrence of text that matches the detection criteria, and Macie automatically assigns the MEDIUM severity to those findings.

  • :tags (Hash<String,String>)

    A string-to-string map of key-value pairs that specifies the tags (keys and values) for an Amazon Macie resource.

Returns:

See Also:



863
864
865
866
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 863

def create_custom_data_identifier(params = {}, options = {})
  req = build_request(:create_custom_data_identifier, params)
  req.send_request(options)
end

#create_findings_filter(params = {}) ⇒ Types::CreateFindingsFilterResponse

Creates and defines the criteria and other settings for a findings filter.

Examples:

Request syntax with placeholder values


resp = client.create_findings_filter({
  action: "ARCHIVE", # required, accepts ARCHIVE, NOOP
  client_token: "__string",
  description: "__string",
  finding_criteria: { # required
    criterion: {
      "__string" => {
        eq: ["__string"],
        eq_exact_match: ["__string"],
        gt: 1,
        gte: 1,
        lt: 1,
        lte: 1,
        neq: ["__string"],
      },
    },
  },
  name: "__string", # required
  position: 1,
  tags: {
    "__string" => "__string",
  },
})

Response structure


resp.arn #=> String
resp.id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :action (required, String)

    The action to perform on findings that match the filter criteria. To suppress (automatically archive) findings that match the criteria, set this value to ARCHIVE. Valid values are:

  • :client_token (String)

    A suitable default value is auto-generated. You should normally not need to pass this option.**

  • :description (String)
  • :finding_criteria (required, Types::FindingCriteria)

    Specifies, as a map, one or more property-based conditions that filter the results of a query for findings.

  • :name (required, String)
  • :position (Integer)
  • :tags (Hash<String,String>)

    A string-to-string map of key-value pairs that specifies the tags (keys and values) for an Amazon Macie resource.

Returns:

See Also:



934
935
936
937
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 934

def create_findings_filter(params = {}, options = {})
  req = build_request(:create_findings_filter, params)
  req.send_request(options)
end

#create_invitations(params = {}) ⇒ Types::CreateInvitationsResponse

Sends an Amazon Macie membership invitation to one or more accounts.

Examples:

Request syntax with placeholder values


resp = client.create_invitations({
  account_ids: ["__string"], # required
  disable_email_notification: false,
  message: "__string",
})

Response structure


resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0]. #=> String
resp.unprocessed_accounts[0].error_code #=> String, one of "ClientError", "InternalError"
resp.unprocessed_accounts[0].error_message #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (required, Array<String>)
  • :disable_email_notification (Boolean)
  • :message (String)

Returns:

See Also:



970
971
972
973
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 970

def create_invitations(params = {}, options = {})
  req = build_request(:create_invitations, params)
  req.send_request(options)
end

#create_member(params = {}) ⇒ Types::CreateMemberResponse

Associates an account with an Amazon Macie administrator account.

Examples:

Request syntax with placeholder values


resp = client.create_member({
  account: { # required
    account_id: "__string", # required
    email: "__string", # required
  },
  tags: {
    "__string" => "__string",
  },
})

Response structure


resp.arn #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account (required, Types::AccountDetail)

    Specifies the details of an account to associate with an Amazon Macie administrator account.

  • :tags (Hash<String,String>)

    A string-to-string map of key-value pairs that specifies the tags (keys and values) for an Amazon Macie resource.

Returns:

See Also:



1009
1010
1011
1012
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1009

def create_member(params = {}, options = {})
  req = build_request(:create_member, params)
  req.send_request(options)
end

#create_sample_findings(params = {}) ⇒ Struct

Creates sample findings.

Examples:

Request syntax with placeholder values


resp = client.create_sample_findings({
  finding_types: ["SensitiveData:S3Object/Multiple"], # accepts SensitiveData:S3Object/Multiple, SensitiveData:S3Object/Financial, SensitiveData:S3Object/Personal, SensitiveData:S3Object/Credentials, SensitiveData:S3Object/CustomIdentifier, Policy:IAMUser/S3BucketPublic, Policy:IAMUser/S3BucketSharedExternally, Policy:IAMUser/S3BucketReplicatedExternally, Policy:IAMUser/S3BucketEncryptionDisabled, Policy:IAMUser/S3BlockPublicAccessDisabled, Policy:IAMUser/S3BucketSharedWithCloudFront
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :finding_types (Array<String>)

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1030
1031
1032
1033
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1030

def create_sample_findings(params = {}, options = {})
  req = build_request(:create_sample_findings, params)
  req.send_request(options)
end

#decline_invitations(params = {}) ⇒ Types::DeclineInvitationsResponse

Declines Amazon Macie membership invitations that were received from specific accounts.

Examples:

Request syntax with placeholder values


resp = client.decline_invitations({
  account_ids: ["__string"], # required
})

Response structure


resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0]. #=> String
resp.unprocessed_accounts[0].error_code #=> String, one of "ClientError", "InternalError"
resp.unprocessed_accounts[0].error_message #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (required, Array<String>)

Returns:

See Also:



1061
1062
1063
1064
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1061

def decline_invitations(params = {}, options = {})
  req = build_request(:decline_invitations, params)
  req.send_request(options)
end

#delete_allow_list(params = {}) ⇒ Struct

Deletes an allow list.

Examples:

Request syntax with placeholder values


resp = client.delete_allow_list({
  id: "__string", # required
  ignore_job_checks: "__string",
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)
  • :ignore_job_checks (String)

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1085
1086
1087
1088
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1085

def delete_allow_list(params = {}, options = {})
  req = build_request(:delete_allow_list, params)
  req.send_request(options)
end

#delete_custom_data_identifier(params = {}) ⇒ Struct

Soft deletes a custom data identifier.

Examples:

Request syntax with placeholder values


resp = client.delete_custom_data_identifier({
  id: "__string", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1106
1107
1108
1109
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1106

def delete_custom_data_identifier(params = {}, options = {})
  req = build_request(:delete_custom_data_identifier, params)
  req.send_request(options)
end

#delete_findings_filter(params = {}) ⇒ Struct

Deletes a findings filter.

Examples:

Request syntax with placeholder values


resp = client.delete_findings_filter({
  id: "__string", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1127
1128
1129
1130
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1127

def delete_findings_filter(params = {}, options = {})
  req = build_request(:delete_findings_filter, params)
  req.send_request(options)
end

#delete_invitations(params = {}) ⇒ Types::DeleteInvitationsResponse

Deletes Amazon Macie membership invitations that were received from specific accounts.

Examples:

Request syntax with placeholder values


resp = client.delete_invitations({
  account_ids: ["__string"], # required
})

Response structure


resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0]. #=> String
resp.unprocessed_accounts[0].error_code #=> String, one of "ClientError", "InternalError"
resp.unprocessed_accounts[0].error_message #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (required, Array<String>)

Returns:

See Also:



1158
1159
1160
1161
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1158

def delete_invitations(params = {}, options = {})
  req = build_request(:delete_invitations, params)
  req.send_request(options)
end

#delete_member(params = {}) ⇒ Struct

Deletes the association between an Amazon Macie administrator account and an account.

Examples:

Request syntax with placeholder values


resp = client.delete_member({
  id: "__string", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1180
1181
1182
1183
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1180

def delete_member(params = {}, options = {})
  req = build_request(:delete_member, params)
  req.send_request(options)
end

#describe_buckets(params = {}) ⇒ Types::DescribeBucketsResponse

Retrieves (queries) statistical data and other information about one or more S3 buckets that Amazon Macie monitors and analyzes for an account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.describe_buckets({
  criteria: {
    "__string" => {
      eq: ["__string"],
      gt: 1,
      gte: 1,
      lt: 1,
      lte: 1,
      neq: ["__string"],
      prefix: "__string",
    },
  },
  max_results: 1,
  next_token: "__string",
  sort_criteria: {
    attribute_name: "__string",
    order_by: "ASC", # accepts ASC, DESC
  },
})

Response structure


resp.buckets #=> Array
resp.buckets[0]. #=> String
resp.buckets[0].allows_unencrypted_object_uploads #=> String, one of "TRUE", "FALSE", "UNKNOWN"
resp.buckets[0].automated_discovery_monitoring_status #=> String, one of "MONITORED", "NOT_MONITORED"
resp.buckets[0].bucket_arn #=> String
resp.buckets[0].bucket_created_at #=> Time
resp.buckets[0].bucket_name #=> String
resp.buckets[0].classifiable_object_count #=> Integer
resp.buckets[0].classifiable_size_in_bytes #=> Integer
resp.buckets[0].error_code #=> String, one of "ACCESS_DENIED", "BUCKET_COUNT_EXCEEDS_QUOTA"
resp.buckets[0].error_message #=> String
resp.buckets[0].job_details.is_defined_in_job #=> String, one of "TRUE", "FALSE", "UNKNOWN"
resp.buckets[0].job_details.is_monitored_by_job #=> String, one of "TRUE", "FALSE", "UNKNOWN"
resp.buckets[0].job_details.last_job_id #=> String
resp.buckets[0].job_details.last_job_run_time #=> Time
resp.buckets[0].last_automated_discovery_time #=> Time
resp.buckets[0].last_updated #=> Time
resp.buckets[0].object_count #=> Integer
resp.buckets[0].object_count_by_encryption_type.customer_managed #=> Integer
resp.buckets[0].object_count_by_encryption_type.kms_managed #=> Integer
resp.buckets[0].object_count_by_encryption_type.s3_managed #=> Integer
resp.buckets[0].object_count_by_encryption_type.unencrypted #=> Integer
resp.buckets[0].object_count_by_encryption_type.unknown #=> Integer
resp.buckets[0].public_access.effective_permission #=> String, one of "PUBLIC", "NOT_PUBLIC", "UNKNOWN"
resp.buckets[0].public_access.permission_configuration..block_public_access.block_public_acls #=> Boolean
resp.buckets[0].public_access.permission_configuration..block_public_access.block_public_policy #=> Boolean
resp.buckets[0].public_access.permission_configuration..block_public_access.ignore_public_acls #=> Boolean
resp.buckets[0].public_access.permission_configuration..block_public_access.restrict_public_buckets #=> Boolean
resp.buckets[0].public_access.permission_configuration.bucket_level_permissions.access_control_list.allows_public_read_access #=> Boolean
resp.buckets[0].public_access.permission_configuration.bucket_level_permissions.access_control_list.allows_public_write_access #=> Boolean
resp.buckets[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.block_public_acls #=> Boolean
resp.buckets[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.block_public_policy #=> Boolean
resp.buckets[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.ignore_public_acls #=> Boolean
resp.buckets[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.restrict_public_buckets #=> Boolean
resp.buckets[0].public_access.permission_configuration.bucket_level_permissions.bucket_policy.allows_public_read_access #=> Boolean
resp.buckets[0].public_access.permission_configuration.bucket_level_permissions.bucket_policy.allows_public_write_access #=> Boolean
resp.buckets[0].region #=> String
resp.buckets[0].replication_details.replicated #=> Boolean
resp.buckets[0].replication_details.replicated_externally #=> Boolean
resp.buckets[0].replication_details.replication_accounts #=> Array
resp.buckets[0].replication_details.replication_accounts[0] #=> String
resp.buckets[0].sensitivity_score #=> Integer
resp.buckets[0].server_side_encryption.kms_master_key_id #=> String
resp.buckets[0].server_side_encryption.type #=> String, one of "NONE", "AES256", "aws:kms", "aws:kms:dsse"
resp.buckets[0].shared_access #=> String, one of "EXTERNAL", "INTERNAL", "NOT_SHARED", "UNKNOWN"
resp.buckets[0].size_in_bytes #=> Integer
resp.buckets[0].size_in_bytes_compressed #=> Integer
resp.buckets[0].tags #=> Array
resp.buckets[0].tags[0].key #=> String
resp.buckets[0].tags[0].value #=> String
resp.buckets[0].unclassifiable_object_count.file_type #=> Integer
resp.buckets[0].unclassifiable_object_count.storage_class #=> Integer
resp.buckets[0].unclassifiable_object_count.total #=> Integer
resp.buckets[0].unclassifiable_object_size_in_bytes.file_type #=> Integer
resp.buckets[0].unclassifiable_object_size_in_bytes.storage_class #=> Integer
resp.buckets[0].unclassifiable_object_size_in_bytes.total #=> Integer
resp.buckets[0].versioning #=> Boolean
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :criteria (Hash<String,Types::BucketCriteriaAdditionalProperties>)

    Specifies, as a map, one or more property-based conditions that filter the results of a query for information about S3 buckets.

  • :max_results (Integer)
  • :next_token (String)
  • :sort_criteria (Types::BucketSortCriteria)

    Specifies criteria for sorting the results of a query for information about S3 buckets.

Returns:

See Also:



1295
1296
1297
1298
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1295

def describe_buckets(params = {}, options = {})
  req = build_request(:describe_buckets, params)
  req.send_request(options)
end

#describe_classification_job(params = {}) ⇒ Types::DescribeClassificationJobResponse

Retrieves the status and settings for a classification job.

Examples:

Request syntax with placeholder values


resp = client.describe_classification_job({
  job_id: "__string", # required
})

Response structure


resp.allow_list_ids #=> Array
resp.allow_list_ids[0] #=> String
resp.client_token #=> String
resp.created_at #=> Time
resp.custom_data_identifier_ids #=> Array
resp.custom_data_identifier_ids[0] #=> String
resp.description #=> String
resp.initial_run #=> Boolean
resp.job_arn #=> String
resp.job_id #=> String
resp.job_status #=> String, one of "RUNNING", "PAUSED", "CANCELLED", "COMPLETE", "IDLE", "USER_PAUSED"
resp.job_type #=> String, one of "ONE_TIME", "SCHEDULED"
resp.last_run_error_status.code #=> String, one of "NONE", "ERROR"
resp.last_run_time #=> Time
resp.managed_data_identifier_ids #=> Array
resp.managed_data_identifier_ids[0] #=> String
resp.managed_data_identifier_selector #=> String, one of "ALL", "EXCLUDE", "INCLUDE", "NONE", "RECOMMENDED"
resp.name #=> String
resp.s3_job_definition.bucket_criteria.excludes.and #=> Array
resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.values #=> Array
resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.values[0] #=> String
resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values #=> Array
resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].key #=> String
resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].value #=> String
resp.s3_job_definition.bucket_criteria.includes.and #=> Array
resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.values #=> Array
resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.values[0] #=> String
resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values #=> Array
resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values[0].key #=> String
resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values[0].value #=> String
resp.s3_job_definition.bucket_definitions #=> Array
resp.s3_job_definition.bucket_definitions[0]. #=> String
resp.s3_job_definition.bucket_definitions[0].buckets #=> Array
resp.s3_job_definition.bucket_definitions[0].buckets[0] #=> String
resp.s3_job_definition.scoping.excludes.and #=> Array
resp.s3_job_definition.scoping.excludes.and[0].simple_scope_term.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.s3_job_definition.scoping.excludes.and[0].simple_scope_term.key #=> String, one of "OBJECT_EXTENSION", "OBJECT_LAST_MODIFIED_DATE", "OBJECT_SIZE", "OBJECT_KEY"
resp.s3_job_definition.scoping.excludes.and[0].simple_scope_term.values #=> Array
resp.s3_job_definition.scoping.excludes.and[0].simple_scope_term.values[0] #=> String
resp.s3_job_definition.scoping.excludes.and[0].tag_scope_term.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.s3_job_definition.scoping.excludes.and[0].tag_scope_term.key #=> String
resp.s3_job_definition.scoping.excludes.and[0].tag_scope_term.tag_values #=> Array
resp.s3_job_definition.scoping.excludes.and[0].tag_scope_term.tag_values[0].key #=> String
resp.s3_job_definition.scoping.excludes.and[0].tag_scope_term.tag_values[0].value #=> String
resp.s3_job_definition.scoping.excludes.and[0].tag_scope_term.target #=> String, one of "S3_OBJECT"
resp.s3_job_definition.scoping.includes.and #=> Array
resp.s3_job_definition.scoping.includes.and[0].simple_scope_term.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.s3_job_definition.scoping.includes.and[0].simple_scope_term.key #=> String, one of "OBJECT_EXTENSION", "OBJECT_LAST_MODIFIED_DATE", "OBJECT_SIZE", "OBJECT_KEY"
resp.s3_job_definition.scoping.includes.and[0].simple_scope_term.values #=> Array
resp.s3_job_definition.scoping.includes.and[0].simple_scope_term.values[0] #=> String
resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.key #=> String
resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.tag_values #=> Array
resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.tag_values[0].key #=> String
resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.tag_values[0].value #=> String
resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.target #=> String, one of "S3_OBJECT"
resp.sampling_percentage #=> Integer
resp.schedule_frequency.monthly_schedule.day_of_month #=> Integer
resp.schedule_frequency.weekly_schedule.day_of_week #=> String, one of "SUNDAY", "MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY", "SATURDAY"
resp.statistics.approximate_number_of_objects_to_process #=> Float
resp.statistics.number_of_runs #=> Float
resp.tags #=> Hash
resp.tags["__string"] #=> String
resp.user_paused_details.job_expires_at #=> Time
resp.user_paused_details.job_imminent_expiration_health_event_arn #=> String
resp.user_paused_details.job_paused_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :job_id (required, String)

Returns:

See Also:



1413
1414
1415
1416
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1413

def describe_classification_job(params = {}, options = {})
  req = build_request(:describe_classification_job, params)
  req.send_request(options)
end

#describe_organization_configuration(params = {}) ⇒ Types::DescribeOrganizationConfigurationResponse

Retrieves the Amazon Macie configuration settings for an organization in Organizations.

Examples:

Response structure


resp.auto_enable #=> Boolean
resp. #=> Boolean

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



1435
1436
1437
1438
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1435

def describe_organization_configuration(params = {}, options = {})
  req = build_request(:describe_organization_configuration, params)
  req.send_request(options)
end

#disable_macie(params = {}) ⇒ Struct

Disables Amazon Macie and deletes all settings and resources for a Macie account.

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1449
1450
1451
1452
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1449

def disable_macie(params = {}, options = {})
  req = build_request(:disable_macie, params)
  req.send_request(options)
end

#disable_organization_admin_account(params = {}) ⇒ Struct

Disables an account as the delegated Amazon Macie administrator account for an organization in Organizations.

Examples:

Request syntax with placeholder values


resp = client.({
  admin_account_id: "__string", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :admin_account_id (required, String)

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1471
1472
1473
1474
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1471

def (params = {}, options = {})
  req = build_request(:disable_organization_admin_account, params)
  req.send_request(options)
end

#disassociate_from_administrator_account(params = {}) ⇒ Struct

Disassociates a member account from its Amazon Macie administrator account.

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1485
1486
1487
1488
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1485

def (params = {}, options = {})
  req = build_request(:disassociate_from_administrator_account, params)
  req.send_request(options)
end

#disassociate_from_master_account(params = {}) ⇒ Struct

(Deprecated) Disassociates a member account from its Amazon Macie administrator account. This operation has been replaced by the

DisassociateFromAdministratorAccount operation.

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1502
1503
1504
1505
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1502

def (params = {}, options = {})
  req = build_request(:disassociate_from_master_account, params)
  req.send_request(options)
end

#disassociate_member(params = {}) ⇒ Struct

Disassociates an Amazon Macie administrator account from a member account.

Examples:

Request syntax with placeholder values


resp = client.disassociate_member({
  id: "__string", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1524
1525
1526
1527
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1524

def disassociate_member(params = {}, options = {})
  req = build_request(:disassociate_member, params)
  req.send_request(options)
end

#enable_macie(params = {}) ⇒ Struct

Enables Amazon Macie and specifies the configuration settings for a Macie account.

Examples:

Request syntax with placeholder values


resp = client.enable_macie({
  client_token: "__string",
  finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
  status: "PAUSED", # accepts PAUSED, ENABLED
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_token (String)

    A suitable default value is auto-generated. You should normally not need to pass this option.**

  • :finding_publishing_frequency (String)

    The frequency with which Amazon Macie publishes updates to policy findings for an account. This includes publishing updates to Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events). For more information, see Monitoring and processing findings in the Amazon Macie User Guide. Valid values are:

  • :status (String)

    The status of an Amazon Macie account. Valid values are:

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1564
1565
1566
1567
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1564

def enable_macie(params = {}, options = {})
  req = build_request(:enable_macie, params)
  req.send_request(options)
end

#enable_organization_admin_account(params = {}) ⇒ Struct

Designates an account as the delegated Amazon Macie administrator account for an organization in Organizations.

Examples:

Request syntax with placeholder values


resp = client.({
  admin_account_id: "__string", # required
  client_token: "__string",
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :admin_account_id (required, String)
  • :client_token (String)

    A suitable default value is auto-generated. You should normally not need to pass this option.**

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1591
1592
1593
1594
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1591

def (params = {}, options = {})
  req = build_request(:enable_organization_admin_account, params)
  req.send_request(options)
end

#get_administrator_account(params = {}) ⇒ Types::GetAdministratorAccountResponse

Retrieves information about the Amazon Macie administrator account for an account.

Examples:

Response structure


resp.administrator. #=> String
resp.administrator.invitation_id #=> String
resp.administrator.invited_at #=> Time
resp.administrator.relationship_status #=> String, one of "Enabled", "Paused", "Invited", "Created", "Removed", "Resigned", "EmailVerificationInProgress", "EmailVerificationFailed", "RegionDisabled", "AccountSuspended"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



1614
1615
1616
1617
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1614

def (params = {}, options = {})
  req = build_request(:get_administrator_account, params)
  req.send_request(options)
end

#get_allow_list(params = {}) ⇒ Types::GetAllowListResponse

Retrieves the settings and status of an allow list.

Examples:

Request syntax with placeholder values


resp = client.get_allow_list({
  id: "__string", # required
})

Response structure


resp.arn #=> String
resp.created_at #=> Time
resp.criteria.regex #=> String
resp.criteria.s3_words_list.bucket_name #=> String
resp.criteria.s3_words_list.object_key #=> String
resp.description #=> String
resp.id #=> String
resp.name #=> String
resp.status.code #=> String, one of "OK", "S3_OBJECT_NOT_FOUND", "S3_USER_ACCESS_DENIED", "S3_OBJECT_ACCESS_DENIED", "S3_THROTTLED", "S3_OBJECT_OVERSIZE", "S3_OBJECT_EMPTY", "UNKNOWN_ERROR"
resp.status.description #=> String
resp.tags #=> Hash
resp.tags["__string"] #=> String
resp.updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)

Returns:

See Also:



1661
1662
1663
1664
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1661

def get_allow_list(params = {}, options = {})
  req = build_request(:get_allow_list, params)
  req.send_request(options)
end

#get_automated_discovery_configuration(params = {}) ⇒ Types::GetAutomatedDiscoveryConfigurationResponse

Retrieves the configuration settings and status of automated sensitive data discovery for an organization or standalone account.

Examples:

Response structure


resp.auto_enable_organization_members #=> String, one of "ALL", "NEW", "NONE"
resp.classification_scope_id #=> String
resp.disabled_at #=> Time
resp.first_enabled_at #=> Time
resp.last_updated_at #=> Time
resp.sensitivity_inspection_template_id #=> String
resp.status #=> String, one of "ENABLED", "DISABLED"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



1693
1694
1695
1696
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1693

def get_automated_discovery_configuration(params = {}, options = {})
  req = build_request(:get_automated_discovery_configuration, params)
  req.send_request(options)
end

#get_bucket_statistics(params = {}) ⇒ Types::GetBucketStatisticsResponse

Retrieves (queries) aggregated statistical data about all the S3 buckets that Amazon Macie monitors and analyzes for an account.

Examples:

Request syntax with placeholder values


resp = client.get_bucket_statistics({
  account_id: "__string",
})

Response structure


resp.bucket_count #=> Integer
resp.bucket_count_by_effective_permission.publicly_accessible #=> Integer
resp.bucket_count_by_effective_permission.publicly_readable #=> Integer
resp.bucket_count_by_effective_permission.publicly_writable #=> Integer
resp.bucket_count_by_effective_permission.unknown #=> Integer
resp.bucket_count_by_encryption_type.kms_managed #=> Integer
resp.bucket_count_by_encryption_type.s3_managed #=> Integer
resp.bucket_count_by_encryption_type.unencrypted #=> Integer
resp.bucket_count_by_encryption_type.unknown #=> Integer
resp.bucket_count_by_object_encryption_requirement.allows_unencrypted_object_uploads #=> Integer
resp.bucket_count_by_object_encryption_requirement.denies_unencrypted_object_uploads #=> Integer
resp.bucket_count_by_object_encryption_requirement.unknown #=> Integer
resp.bucket_count_by_shared_access_type.external #=> Integer
resp.bucket_count_by_shared_access_type.internal #=> Integer
resp.bucket_count_by_shared_access_type.not_shared #=> Integer
resp.bucket_count_by_shared_access_type.unknown #=> Integer
resp.bucket_statistics_by_sensitivity.classification_error.classifiable_size_in_bytes #=> Integer
resp.bucket_statistics_by_sensitivity.classification_error.publicly_accessible_count #=> Integer
resp.bucket_statistics_by_sensitivity.classification_error.total_count #=> Integer
resp.bucket_statistics_by_sensitivity.classification_error.total_size_in_bytes #=> Integer
resp.bucket_statistics_by_sensitivity.not_classified.classifiable_size_in_bytes #=> Integer
resp.bucket_statistics_by_sensitivity.not_classified.publicly_accessible_count #=> Integer
resp.bucket_statistics_by_sensitivity.not_classified.total_count #=> Integer
resp.bucket_statistics_by_sensitivity.not_classified.total_size_in_bytes #=> Integer
resp.bucket_statistics_by_sensitivity.not_sensitive.classifiable_size_in_bytes #=> Integer
resp.bucket_statistics_by_sensitivity.not_sensitive.publicly_accessible_count #=> Integer
resp.bucket_statistics_by_sensitivity.not_sensitive.total_count #=> Integer
resp.bucket_statistics_by_sensitivity.not_sensitive.total_size_in_bytes #=> Integer
resp.bucket_statistics_by_sensitivity.sensitive.classifiable_size_in_bytes #=> Integer
resp.bucket_statistics_by_sensitivity.sensitive.publicly_accessible_count #=> Integer
resp.bucket_statistics_by_sensitivity.sensitive.total_count #=> Integer
resp.bucket_statistics_by_sensitivity.sensitive.total_size_in_bytes #=> Integer
resp.classifiable_object_count #=> Integer
resp.classifiable_size_in_bytes #=> Integer
resp.last_updated #=> Time
resp.object_count #=> Integer
resp.size_in_bytes #=> Integer
resp.size_in_bytes_compressed #=> Integer
resp.unclassifiable_object_count.file_type #=> Integer
resp.unclassifiable_object_count.storage_class #=> Integer
resp.unclassifiable_object_count.total #=> Integer
resp.unclassifiable_object_size_in_bytes.file_type #=> Integer
resp.unclassifiable_object_size_in_bytes.storage_class #=> Integer
resp.unclassifiable_object_size_in_bytes.total #=> Integer

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_id (String)

Returns:

See Also:



1777
1778
1779
1780
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1777

def get_bucket_statistics(params = {}, options = {})
  req = build_request(:get_bucket_statistics, params)
  req.send_request(options)
end

#get_classification_export_configuration(params = {}) ⇒ Types::GetClassificationExportConfigurationResponse

Retrieves the configuration settings for storing data classification results.

Examples:

Response structure


resp.configuration.s3_destination.bucket_name #=> String
resp.configuration.s3_destination.key_prefix #=> String
resp.configuration.s3_destination.kms_key_arn #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



1799
1800
1801
1802
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1799

def get_classification_export_configuration(params = {}, options = {})
  req = build_request(:get_classification_export_configuration, params)
  req.send_request(options)
end

#get_classification_scope(params = {}) ⇒ Types::GetClassificationScopeResponse

Retrieves the classification scope settings for an account.

Examples:

Request syntax with placeholder values


resp = client.get_classification_scope({
  id: "__string", # required
})

Response structure


resp.id #=> String
resp.name #=> String
resp.s3.excludes.bucket_names #=> Array
resp.s3.excludes.bucket_names[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)

Returns:

See Also:



1831
1832
1833
1834
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1831

def get_classification_scope(params = {}, options = {})
  req = build_request(:get_classification_scope, params)
  req.send_request(options)
end

#get_custom_data_identifier(params = {}) ⇒ Types::GetCustomDataIdentifierResponse

Retrieves the criteria and other settings for a custom data identifier.

Examples:

Request syntax with placeholder values


resp = client.get_custom_data_identifier({
  id: "__string", # required
})

Response structure


resp.arn #=> String
resp.created_at #=> Time
resp.deleted #=> Boolean
resp.description #=> String
resp.id #=> String
resp.ignore_words #=> Array
resp.ignore_words[0] #=> String
resp.keywords #=> Array
resp.keywords[0] #=> String
resp.maximum_match_distance #=> Integer
resp.name #=> String
resp.regex #=> String
resp.severity_levels #=> Array
resp.severity_levels[0].occurrences_threshold #=> Integer
resp.severity_levels[0].severity #=> String, one of "LOW", "MEDIUM", "HIGH"
resp.tags #=> Hash
resp.tags["__string"] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)

Returns:

See Also:



1886
1887
1888
1889
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1886

def get_custom_data_identifier(params = {}, options = {})
  req = build_request(:get_custom_data_identifier, params)
  req.send_request(options)
end

#get_finding_statistics(params = {}) ⇒ Types::GetFindingStatisticsResponse

Retrieves (queries) aggregated statistical data about findings.

Examples:

Request syntax with placeholder values


resp = client.get_finding_statistics({
  finding_criteria: {
    criterion: {
      "__string" => {
        eq: ["__string"],
        eq_exact_match: ["__string"],
        gt: 1,
        gte: 1,
        lt: 1,
        lte: 1,
        neq: ["__string"],
      },
    },
  },
  group_by: "resourcesAffected.s3Bucket.name", # required, accepts resourcesAffected.s3Bucket.name, type, classificationDetails.jobId, severity.description
  size: 1,
  sort_criteria: {
    attribute_name: "groupKey", # accepts groupKey, count
    order_by: "ASC", # accepts ASC, DESC
  },
})

Response structure


resp.counts_by_group #=> Array
resp.counts_by_group[0].count #=> Integer
resp.counts_by_group[0].group_key #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :finding_criteria (Types::FindingCriteria)

    Specifies, as a map, one or more property-based conditions that filter the results of a query for findings.

  • :group_by (required, String)
  • :size (Integer)
  • :sort_criteria (Types::FindingStatisticsSortCriteria)

    Specifies criteria for sorting the results of a query that retrieves aggregated statistical data about findings.

Returns:

See Also:



1943
1944
1945
1946
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 1943

def get_finding_statistics(params = {}, options = {})
  req = build_request(:get_finding_statistics, params)
  req.send_request(options)
end

#get_findings(params = {}) ⇒ Types::GetFindingsResponse

Retrieves the details of one or more findings.

Examples:

Request syntax with placeholder values


resp = client.get_findings({
  finding_ids: ["__string"], # required
  sort_criteria: {
    attribute_name: "__string",
    order_by: "ASC", # accepts ASC, DESC
  },
})

Response structure


resp.findings #=> Array
resp.findings[0]. #=> String
resp.findings[0].archived #=> Boolean
resp.findings[0].category #=> String, one of "CLASSIFICATION", "POLICY"
resp.findings[0].classification_details.detailed_results_location #=> String
resp.findings[0].classification_details.job_arn #=> String
resp.findings[0].classification_details.job_id #=> String
resp.findings[0].classification_details.origin_type #=> String, one of "SENSITIVE_DATA_DISCOVERY_JOB", "AUTOMATED_SENSITIVE_DATA_DISCOVERY"
resp.findings[0].classification_details.result.additional_occurrences #=> Boolean
resp.findings[0].classification_details.result.custom_data_identifiers.detections #=> Array
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].arn #=> String
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].count #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].name #=> String
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.cells #=> Array
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.cells[0].cell_reference #=> String
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.cells[0].column #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.cells[0].column_name #=> String
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.cells[0].row #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.line_ranges #=> Array
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.line_ranges[0].end #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.line_ranges[0].start #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.line_ranges[0].start_column #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.offset_ranges #=> Array
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.offset_ranges[0].end #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.offset_ranges[0].start #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.offset_ranges[0].start_column #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.pages #=> Array
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.pages[0].line_range.end #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.pages[0].line_range.start #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.pages[0].line_range.start_column #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.pages[0].offset_range.end #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.pages[0].offset_range.start #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.pages[0].offset_range.start_column #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.pages[0].page_number #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.records #=> Array
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.records[0].json_path #=> String
resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].occurrences.records[0].record_index #=> Integer
resp.findings[0].classification_details.result.custom_data_identifiers.total_count #=> Integer
resp.findings[0].classification_details.result.mime_type #=> String
resp.findings[0].classification_details.result.sensitive_data #=> Array
resp.findings[0].classification_details.result.sensitive_data[0].category #=> String, one of "FINANCIAL_INFORMATION", "PERSONAL_INFORMATION", "CREDENTIALS", "CUSTOM_IDENTIFIER"
resp.findings[0].classification_details.result.sensitive_data[0].detections #=> Array
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].count #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.cells #=> Array
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.cells[0].cell_reference #=> String
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.cells[0].column #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.cells[0].column_name #=> String
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.cells[0].row #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.line_ranges #=> Array
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.line_ranges[0].end #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.line_ranges[0].start #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.line_ranges[0].start_column #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.offset_ranges #=> Array
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.offset_ranges[0].end #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.offset_ranges[0].start #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.offset_ranges[0].start_column #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.pages #=> Array
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.pages[0].line_range.end #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.pages[0].line_range.start #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.pages[0].line_range.start_column #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.pages[0].offset_range.end #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.pages[0].offset_range.start #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.pages[0].offset_range.start_column #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.pages[0].page_number #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.records #=> Array
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.records[0].json_path #=> String
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].occurrences.records[0].record_index #=> Integer
resp.findings[0].classification_details.result.sensitive_data[0].detections[0].type #=> String
resp.findings[0].classification_details.result.sensitive_data[0].total_count #=> Integer
resp.findings[0].classification_details.result.size_classified #=> Integer
resp.findings[0].classification_details.result.status.code #=> String
resp.findings[0].classification_details.result.status.reason #=> String
resp.findings[0].count #=> Integer
resp.findings[0].created_at #=> Time
resp.findings[0].description #=> String
resp.findings[0].id #=> String
resp.findings[0].partition #=> String
resp.findings[0].policy_details.action.action_type #=> String, one of "AWS_API_CALL"
resp.findings[0].policy_details.action.api_call_details.api #=> String
resp.findings[0].policy_details.action.api_call_details.api_service_name #=> String
resp.findings[0].policy_details.action.api_call_details.first_seen #=> Time
resp.findings[0].policy_details.action.api_call_details.last_seen #=> Time
resp.findings[0].policy_details.actor.domain_details.domain_name #=> String
resp.findings[0].policy_details.actor.ip_address_details.ip_address_v4 #=> String
resp.findings[0].policy_details.actor.ip_address_details.ip_city.name #=> String
resp.findings[0].policy_details.actor.ip_address_details.ip_country.code #=> String
resp.findings[0].policy_details.actor.ip_address_details.ip_country.name #=> String
resp.findings[0].policy_details.actor.ip_address_details.ip_geo_location.lat #=> Float
resp.findings[0].policy_details.actor.ip_address_details.ip_geo_location.lon #=> Float
resp.findings[0].policy_details.actor.ip_address_details.ip_owner.asn #=> String
resp.findings[0].policy_details.actor.ip_address_details.ip_owner.asn_org #=> String
resp.findings[0].policy_details.actor.ip_address_details.ip_owner.isp #=> String
resp.findings[0].policy_details.actor.ip_address_details.ip_owner.org #=> String
resp.findings[0].policy_details.actor.user_identity.assumed_role.access_key_id #=> String
resp.findings[0].policy_details.actor.user_identity.assumed_role. #=> String
resp.findings[0].policy_details.actor.user_identity.assumed_role.arn #=> String
resp.findings[0].policy_details.actor.user_identity.assumed_role.principal_id #=> String
resp.findings[0].policy_details.actor.user_identity.assumed_role.session_context.attributes.creation_date #=> Time
resp.findings[0].policy_details.actor.user_identity.assumed_role.session_context.attributes.mfa_authenticated #=> Boolean
resp.findings[0].policy_details.actor.user_identity.assumed_role.session_context.session_issuer. #=> String
resp.findings[0].policy_details.actor.user_identity.assumed_role.session_context.session_issuer.arn #=> String
resp.findings[0].policy_details.actor.user_identity.assumed_role.session_context.session_issuer.principal_id #=> String
resp.findings[0].policy_details.actor.user_identity.assumed_role.session_context.session_issuer.type #=> String
resp.findings[0].policy_details.actor.user_identity.assumed_role.session_context.session_issuer.user_name #=> String
resp.findings[0].policy_details.actor.user_identity.. #=> String
resp.findings[0].policy_details.actor.user_identity..principal_id #=> String
resp.findings[0].policy_details.actor.user_identity.aws_service.invoked_by #=> String
resp.findings[0].policy_details.actor.user_identity.federated_user.access_key_id #=> String
resp.findings[0].policy_details.actor.user_identity.federated_user. #=> String
resp.findings[0].policy_details.actor.user_identity.federated_user.arn #=> String
resp.findings[0].policy_details.actor.user_identity.federated_user.principal_id #=> String
resp.findings[0].policy_details.actor.user_identity.federated_user.session_context.attributes.creation_date #=> Time
resp.findings[0].policy_details.actor.user_identity.federated_user.session_context.attributes.mfa_authenticated #=> Boolean
resp.findings[0].policy_details.actor.user_identity.federated_user.session_context.session_issuer. #=> String
resp.findings[0].policy_details.actor.user_identity.federated_user.session_context.session_issuer.arn #=> String
resp.findings[0].policy_details.actor.user_identity.federated_user.session_context.session_issuer.principal_id #=> String
resp.findings[0].policy_details.actor.user_identity.federated_user.session_context.session_issuer.type #=> String
resp.findings[0].policy_details.actor.user_identity.federated_user.session_context.session_issuer.user_name #=> String
resp.findings[0].policy_details.actor.user_identity.iam_user. #=> String
resp.findings[0].policy_details.actor.user_identity.iam_user.arn #=> String
resp.findings[0].policy_details.actor.user_identity.iam_user.principal_id #=> String
resp.findings[0].policy_details.actor.user_identity.iam_user.user_name #=> String
resp.findings[0].policy_details.actor.user_identity.root. #=> String
resp.findings[0].policy_details.actor.user_identity.root.arn #=> String
resp.findings[0].policy_details.actor.user_identity.root.principal_id #=> String
resp.findings[0].policy_details.actor.user_identity.type #=> String, one of "AssumedRole", "IAMUser", "FederatedUser", "Root", "AWSAccount", "AWSService"
resp.findings[0].region #=> String
resp.findings[0].resources_affected.s3_bucket.allows_unencrypted_object_uploads #=> String, one of "TRUE", "FALSE", "UNKNOWN"
resp.findings[0].resources_affected.s3_bucket.arn #=> String
resp.findings[0].resources_affected.s3_bucket.created_at #=> Time
resp.findings[0].resources_affected.s3_bucket.default_server_side_encryption.encryption_type #=> String, one of "NONE", "AES256", "aws:kms", "UNKNOWN", "aws:kms:dsse"
resp.findings[0].resources_affected.s3_bucket.default_server_side_encryption.kms_master_key_id #=> String
resp.findings[0].resources_affected.s3_bucket.name #=> String
resp.findings[0].resources_affected.s3_bucket.owner.display_name #=> String
resp.findings[0].resources_affected.s3_bucket.owner.id #=> String
resp.findings[0].resources_affected.s3_bucket.public_access.effective_permission #=> String, one of "PUBLIC", "NOT_PUBLIC", "UNKNOWN"
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration..block_public_access.block_public_acls #=> Boolean
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration..block_public_access.block_public_policy #=> Boolean
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration..block_public_access.ignore_public_acls #=> Boolean
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration..block_public_access.restrict_public_buckets #=> Boolean
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration.bucket_level_permissions.access_control_list.allows_public_read_access #=> Boolean
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration.bucket_level_permissions.access_control_list.allows_public_write_access #=> Boolean
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration.bucket_level_permissions.block_public_access.block_public_acls #=> Boolean
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration.bucket_level_permissions.block_public_access.block_public_policy #=> Boolean
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration.bucket_level_permissions.block_public_access.ignore_public_acls #=> Boolean
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration.bucket_level_permissions.block_public_access.restrict_public_buckets #=> Boolean
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration.bucket_level_permissions.bucket_policy.allows_public_read_access #=> Boolean
resp.findings[0].resources_affected.s3_bucket.public_access.permission_configuration.bucket_level_permissions.bucket_policy.allows_public_write_access #=> Boolean
resp.findings[0].resources_affected.s3_bucket.tags #=> Array
resp.findings[0].resources_affected.s3_bucket.tags[0].key #=> String
resp.findings[0].resources_affected.s3_bucket.tags[0].value #=> String
resp.findings[0].resources_affected.s3_object.bucket_arn #=> String
resp.findings[0].resources_affected.s3_object.e_tag #=> String
resp.findings[0].resources_affected.s3_object.extension #=> String
resp.findings[0].resources_affected.s3_object.key #=> String
resp.findings[0].resources_affected.s3_object.last_modified #=> Time
resp.findings[0].resources_affected.s3_object.path #=> String
resp.findings[0].resources_affected.s3_object.public_access #=> Boolean
resp.findings[0].resources_affected.s3_object.server_side_encryption.encryption_type #=> String, one of "NONE", "AES256", "aws:kms", "UNKNOWN", "aws:kms:dsse"
resp.findings[0].resources_affected.s3_object.server_side_encryption.kms_master_key_id #=> String
resp.findings[0].resources_affected.s3_object.size #=> Integer
resp.findings[0].resources_affected.s3_object.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "INTELLIGENT_TIERING", "DEEP_ARCHIVE", "ONEZONE_IA", "GLACIER", "GLACIER_IR", "OUTPOSTS"
resp.findings[0].resources_affected.s3_object.tags #=> Array
resp.findings[0].resources_affected.s3_object.tags[0].key #=> String
resp.findings[0].resources_affected.s3_object.tags[0].value #=> String
resp.findings[0].resources_affected.s3_object.version_id #=> String
resp.findings[0].sample #=> Boolean
resp.findings[0].schema_version #=> String
resp.findings[0].severity.description #=> String, one of "Low", "Medium", "High"
resp.findings[0].severity.score #=> Integer
resp.findings[0].title #=> String
resp.findings[0].type #=> String, one of "SensitiveData:S3Object/Multiple", "SensitiveData:S3Object/Financial", "SensitiveData:S3Object/Personal", "SensitiveData:S3Object/Credentials", "SensitiveData:S3Object/CustomIdentifier", "Policy:IAMUser/S3BucketPublic", "Policy:IAMUser/S3BucketSharedExternally", "Policy:IAMUser/S3BucketReplicatedExternally", "Policy:IAMUser/S3BucketEncryptionDisabled", "Policy:IAMUser/S3BlockPublicAccessDisabled", "Policy:IAMUser/S3BucketSharedWithCloudFront"
resp.findings[0].updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :finding_ids (required, Array<String>)
  • :sort_criteria (Types::SortCriteria)

    Specifies criteria for sorting the results of a request for findings.

Returns:

See Also:



2149
2150
2151
2152
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2149

def get_findings(params = {}, options = {})
  req = build_request(:get_findings, params)
  req.send_request(options)
end

#get_findings_filter(params = {}) ⇒ Types::GetFindingsFilterResponse

Retrieves the criteria and other settings for a findings filter.

Examples:

Request syntax with placeholder values


resp = client.get_findings_filter({
  id: "__string", # required
})

Response structure


resp.action #=> String, one of "ARCHIVE", "NOOP"
resp.arn #=> String
resp.description #=> String
resp.finding_criteria.criterion #=> Hash
resp.finding_criteria.criterion["__string"].eq #=> Array
resp.finding_criteria.criterion["__string"].eq[0] #=> String
resp.finding_criteria.criterion["__string"].eq_exact_match #=> Array
resp.finding_criteria.criterion["__string"].eq_exact_match[0] #=> String
resp.finding_criteria.criterion["__string"].gt #=> Integer
resp.finding_criteria.criterion["__string"].gte #=> Integer
resp.finding_criteria.criterion["__string"].lt #=> Integer
resp.finding_criteria.criterion["__string"].lte #=> Integer
resp.finding_criteria.criterion["__string"].neq #=> Array
resp.finding_criteria.criterion["__string"].neq[0] #=> String
resp.id #=> String
resp.name #=> String
resp.position #=> Integer
resp.tags #=> Hash
resp.tags["__string"] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)

Returns:

See Also:



2201
2202
2203
2204
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2201

def get_findings_filter(params = {}, options = {})
  req = build_request(:get_findings_filter, params)
  req.send_request(options)
end

#get_findings_publication_configuration(params = {}) ⇒ Types::GetFindingsPublicationConfigurationResponse

Retrieves the configuration settings for publishing findings to Security Hub.

Examples:

Response structure


resp.security_hub_configuration.publish_classification_findings #=> Boolean
resp.security_hub_configuration.publish_policy_findings #=> Boolean

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



2222
2223
2224
2225
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2222

def get_findings_publication_configuration(params = {}, options = {})
  req = build_request(:get_findings_publication_configuration, params)
  req.send_request(options)
end

#get_invitations_count(params = {}) ⇒ Types::GetInvitationsCountResponse

Retrieves the count of Amazon Macie membership invitations that were received by an account.

Examples:

Response structure


resp.invitations_count #=> Integer

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



2242
2243
2244
2245
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2242

def get_invitations_count(params = {}, options = {})
  req = build_request(:get_invitations_count, params)
  req.send_request(options)
end

#get_macie_session(params = {}) ⇒ Types::GetMacieSessionResponse

Retrieves the status and configuration settings for an Amazon Macie account.

Examples:

Response structure


resp.created_at #=> Time
resp.finding_publishing_frequency #=> String, one of "FIFTEEN_MINUTES", "ONE_HOUR", "SIX_HOURS"
resp.service_role #=> String
resp.status #=> String, one of "PAUSED", "ENABLED"
resp.updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



2270
2271
2272
2273
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2270

def get_macie_session(params = {}, options = {})
  req = build_request(:get_macie_session, params)
  req.send_request(options)
end

#get_master_account(params = {}) ⇒ Types::GetMasterAccountResponse

(Deprecated) Retrieves information about the Amazon Macie administrator account for an account. This operation has been replaced by the

GetAdministratorAccount operation.

Examples:

Response structure


resp.master. #=> String
resp.master.invitation_id #=> String
resp.master.invited_at #=> Time
resp.master.relationship_status #=> String, one of "Enabled", "Paused", "Invited", "Created", "Removed", "Resigned", "EmailVerificationInProgress", "EmailVerificationFailed", "RegionDisabled", "AccountSuspended"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



2296
2297
2298
2299
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2296

def (params = {}, options = {})
  req = build_request(:get_master_account, params)
  req.send_request(options)
end

#get_member(params = {}) ⇒ Types::GetMemberResponse

Retrieves information about an account that's associated with an Amazon Macie administrator account.

Examples:

Request syntax with placeholder values


resp = client.get_member({
  id: "__string", # required
})

Response structure


resp. #=> String
resp. #=> String
resp.arn #=> String
resp.email #=> String
resp.invited_at #=> Time
resp. #=> String
resp.relationship_status #=> String, one of "Enabled", "Paused", "Invited", "Created", "Removed", "Resigned", "EmailVerificationInProgress", "EmailVerificationFailed", "RegionDisabled", "AccountSuspended"
resp.tags #=> Hash
resp.tags["__string"] #=> String
resp.updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)

Returns:

See Also:



2341
2342
2343
2344
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2341

def get_member(params = {}, options = {})
  req = build_request(:get_member, params)
  req.send_request(options)
end

#get_resource_profile(params = {}) ⇒ Types::GetResourceProfileResponse

Retrieves (queries) sensitive data discovery statistics and the sensitivity score for an S3 bucket.

Examples:

Request syntax with placeholder values


resp = client.get_resource_profile({
  resource_arn: "__string", # required
})

Response structure


resp.profile_updated_at #=> Time
resp.sensitivity_score #=> Integer
resp.sensitivity_score_overridden #=> Boolean
resp.statistics.total_bytes_classified #=> Integer
resp.statistics.total_detections #=> Integer
resp.statistics.total_detections_suppressed #=> Integer
resp.statistics.total_items_classified #=> Integer
resp.statistics.total_items_sensitive #=> Integer
resp.statistics.total_items_skipped #=> Integer
resp.statistics.total_items_skipped_invalid_encryption #=> Integer
resp.statistics.total_items_skipped_invalid_kms #=> Integer
resp.statistics.total_items_skipped_permission_denied #=> Integer

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)

Returns:

See Also:



2383
2384
2385
2386
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2383

def get_resource_profile(params = {}, options = {})
  req = build_request(:get_resource_profile, params)
  req.send_request(options)
end

#get_reveal_configuration(params = {}) ⇒ Types::GetRevealConfigurationResponse

Retrieves the status and configuration settings for retrieving occurrences of sensitive data reported by findings.

Examples:

Response structure


resp.configuration.kms_key_id #=> String
resp.configuration.status #=> String, one of "ENABLED", "DISABLED"
resp.retrieval_configuration.external_id #=> String
resp.retrieval_configuration.retrieval_mode #=> String, one of "CALLER_CREDENTIALS", "ASSUME_ROLE"
resp.retrieval_configuration.role_name #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



2408
2409
2410
2411
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2408

def get_reveal_configuration(params = {}, options = {})
  req = build_request(:get_reveal_configuration, params)
  req.send_request(options)
end

#get_sensitive_data_occurrences(params = {}) ⇒ Types::GetSensitiveDataOccurrencesResponse

Retrieves occurrences of sensitive data reported by a finding.

The following waiters are defined for this operation (see #wait_until for detailed usage):

  • finding_revealed

Examples:

Request syntax with placeholder values


resp = client.get_sensitive_data_occurrences({
  finding_id: "__string", # required
})

Response structure


resp.error #=> String
resp.sensitive_data_occurrences #=> Hash
resp.sensitive_data_occurrences["__string"] #=> Array
resp.sensitive_data_occurrences["__string"][0].value #=> String
resp.status #=> String, one of "SUCCESS", "PROCESSING", "ERROR"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :finding_id (required, String)

Returns:

See Also:



2446
2447
2448
2449
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2446

def get_sensitive_data_occurrences(params = {}, options = {})
  req = build_request(:get_sensitive_data_occurrences, params)
  req.send_request(options)
end

#get_sensitive_data_occurrences_availability(params = {}) ⇒ Types::GetSensitiveDataOccurrencesAvailabilityResponse

Checks whether occurrences of sensitive data can be retrieved for a finding.

Examples:

Request syntax with placeholder values


resp = client.get_sensitive_data_occurrences_availability({
  finding_id: "__string", # required
})

Response structure


resp.code #=> String, one of "AVAILABLE", "UNAVAILABLE"
resp.reasons #=> Array
resp.reasons[0] #=> String, one of "OBJECT_EXCEEDS_SIZE_QUOTA", "UNSUPPORTED_OBJECT_TYPE", "UNSUPPORTED_FINDING_TYPE", "INVALID_CLASSIFICATION_RESULT", "OBJECT_UNAVAILABLE", "ACCOUNT_NOT_IN_ORGANIZATION", "MISSING_GET_MEMBER_PERMISSION", "ROLE_TOO_PERMISSIVE", "MEMBER_ROLE_TOO_PERMISSIVE", "INVALID_RESULT_SIGNATURE", "RESULT_NOT_SIGNED"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :finding_id (required, String)

Returns:

See Also:



2477
2478
2479
2480
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2477

def get_sensitive_data_occurrences_availability(params = {}, options = {})
  req = build_request(:get_sensitive_data_occurrences_availability, params)
  req.send_request(options)
end

#get_sensitivity_inspection_template(params = {}) ⇒ Types::GetSensitivityInspectionTemplateResponse

Retrieves the settings for the sensitivity inspection template for an account.

Examples:

Request syntax with placeholder values


resp = client.get_sensitivity_inspection_template({
  id: "__string", # required
})

Response structure


resp.description #=> String
resp.excludes.managed_data_identifier_ids #=> Array
resp.excludes.managed_data_identifier_ids[0] #=> String
resp.includes.allow_list_ids #=> Array
resp.includes.allow_list_ids[0] #=> String
resp.includes.custom_data_identifier_ids #=> Array
resp.includes.custom_data_identifier_ids[0] #=> String
resp.includes.managed_data_identifier_ids #=> Array
resp.includes.managed_data_identifier_ids[0] #=> String
resp.name #=> String
resp.sensitivity_inspection_template_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)

Returns:

See Also:



2519
2520
2521
2522
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2519

def get_sensitivity_inspection_template(params = {}, options = {})
  req = build_request(:get_sensitivity_inspection_template, params)
  req.send_request(options)
end

#get_usage_statistics(params = {}) ⇒ Types::GetUsageStatisticsResponse

Retrieves (queries) quotas and aggregated usage data for one or more accounts.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.get_usage_statistics({
  filter_by: [
    {
      comparator: "GT", # accepts GT, GTE, LT, LTE, EQ, NE, CONTAINS
      key: "accountId", # accepts accountId, serviceLimit, freeTrialStartDate, total
      values: ["__string"],
    },
  ],
  max_results: 1,
  next_token: "__string",
  sort_by: {
    key: "accountId", # accepts accountId, total, serviceLimitValue, freeTrialStartDate
    order_by: "ASC", # accepts ASC, DESC
  },
  time_range: "MONTH_TO_DATE", # accepts MONTH_TO_DATE, PAST_30_DAYS
})

Response structure


resp.next_token #=> String
resp.records #=> Array
resp.records[0]. #=> String
resp.records[0].automated_discovery_free_trial_start_date #=> Time
resp.records[0].free_trial_start_date #=> Time
resp.records[0].usage #=> Array
resp.records[0].usage[0].currency #=> String, one of "USD"
resp.records[0].usage[0].estimated_cost #=> String
resp.records[0].usage[0].service_limit.is_service_limited #=> Boolean
resp.records[0].usage[0].service_limit.unit #=> String, one of "TERABYTES"
resp.records[0].usage[0].service_limit.value #=> Integer
resp.records[0].usage[0].type #=> String, one of "DATA_INVENTORY_EVALUATION", "SENSITIVE_DATA_DISCOVERY", "AUTOMATED_SENSITIVE_DATA_DISCOVERY", "AUTOMATED_OBJECT_MONITORING"
resp.time_range #=> String, one of "MONTH_TO_DATE", "PAST_30_DAYS"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :filter_by (Array<Types::UsageStatisticsFilter>)
  • :max_results (Integer)
  • :next_token (String)
  • :sort_by (Types::UsageStatisticsSortBy)

    Specifies criteria for sorting the results of a query for Amazon Macie account quotas and usage data.

  • :time_range (String)

    An inclusive time period that Amazon Macie usage data applies to. Possible values are:

Returns:

See Also:



2588
2589
2590
2591
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2588

def get_usage_statistics(params = {}, options = {})
  req = build_request(:get_usage_statistics, params)
  req.send_request(options)
end

#get_usage_totals(params = {}) ⇒ Types::GetUsageTotalsResponse

Retrieves (queries) aggregated usage data for an account.

Examples:

Request syntax with placeholder values


resp = client.get_usage_totals({
  time_range: "__string",
})

Response structure


resp.time_range #=> String, one of "MONTH_TO_DATE", "PAST_30_DAYS"
resp.usage_totals #=> Array
resp.usage_totals[0].currency #=> String, one of "USD"
resp.usage_totals[0].estimated_cost #=> String
resp.usage_totals[0].type #=> String, one of "DATA_INVENTORY_EVALUATION", "SENSITIVE_DATA_DISCOVERY", "AUTOMATED_SENSITIVE_DATA_DISCOVERY", "AUTOMATED_OBJECT_MONITORING"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :time_range (String)

Returns:

See Also:



2620
2621
2622
2623
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2620

def get_usage_totals(params = {}, options = {})
  req = build_request(:get_usage_totals, params)
  req.send_request(options)
end

#list_allow_lists(params = {}) ⇒ Types::ListAllowListsResponse

Retrieves a subset of information about all the allow lists for an account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_allow_lists({
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.allow_lists #=> Array
resp.allow_lists[0].arn #=> String
resp.allow_lists[0].created_at #=> Time
resp.allow_lists[0].description #=> String
resp.allow_lists[0].id #=> String
resp.allow_lists[0].name #=> String
resp.allow_lists[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)
  • :next_token (String)

Returns:

See Also:



2661
2662
2663
2664
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2661

def list_allow_lists(params = {}, options = {})
  req = build_request(:list_allow_lists, params)
  req.send_request(options)
end

#list_automated_discovery_accounts(params = {}) ⇒ Types::ListAutomatedDiscoveryAccountsResponse

Retrieves the status of automated sensitive data discovery for one or more accounts.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_automated_discovery_accounts({
  account_ids: ["__string"],
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.items #=> Array
resp.items[0]. #=> String
resp.items[0].status #=> String, one of "ENABLED", "DISABLED"
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (Array<String>)
  • :max_results (Integer)
  • :next_token (String)

Returns:

See Also:



2701
2702
2703
2704
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2701

def list_automated_discovery_accounts(params = {}, options = {})
  req = build_request(:list_automated_discovery_accounts, params)
  req.send_request(options)
end

#list_classification_jobs(params = {}) ⇒ Types::ListClassificationJobsResponse

Retrieves a subset of information about one or more classification jobs.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_classification_jobs({
  filter_criteria: {
    excludes: [
      {
        comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
        key: "jobType", # accepts jobType, jobStatus, createdAt, name
        values: ["__string"],
      },
    ],
    includes: [
      {
        comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
        key: "jobType", # accepts jobType, jobStatus, createdAt, name
        values: ["__string"],
      },
    ],
  },
  max_results: 1,
  next_token: "__string",
  sort_criteria: {
    attribute_name: "createdAt", # accepts createdAt, jobStatus, name, jobType
    order_by: "ASC", # accepts ASC, DESC
  },
})

Response structure


resp.items #=> Array
resp.items[0].bucket_criteria.excludes.and #=> Array
resp.items[0].bucket_criteria.excludes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.items[0].bucket_criteria.excludes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
resp.items[0].bucket_criteria.excludes.and[0].simple_criterion.values #=> Array
resp.items[0].bucket_criteria.excludes.and[0].simple_criterion.values[0] #=> String
resp.items[0].bucket_criteria.excludes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.items[0].bucket_criteria.excludes.and[0].tag_criterion.tag_values #=> Array
resp.items[0].bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].key #=> String
resp.items[0].bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].value #=> String
resp.items[0].bucket_criteria.includes.and #=> Array
resp.items[0].bucket_criteria.includes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.items[0].bucket_criteria.includes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
resp.items[0].bucket_criteria.includes.and[0].simple_criterion.values #=> Array
resp.items[0].bucket_criteria.includes.and[0].simple_criterion.values[0] #=> String
resp.items[0].bucket_criteria.includes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
resp.items[0].bucket_criteria.includes.and[0].tag_criterion.tag_values #=> Array
resp.items[0].bucket_criteria.includes.and[0].tag_criterion.tag_values[0].key #=> String
resp.items[0].bucket_criteria.includes.and[0].tag_criterion.tag_values[0].value #=> String
resp.items[0].bucket_definitions #=> Array
resp.items[0].bucket_definitions[0]. #=> String
resp.items[0].bucket_definitions[0].buckets #=> Array
resp.items[0].bucket_definitions[0].buckets[0] #=> String
resp.items[0].created_at #=> Time
resp.items[0].job_id #=> String
resp.items[0].job_status #=> String, one of "RUNNING", "PAUSED", "CANCELLED", "COMPLETE", "IDLE", "USER_PAUSED"
resp.items[0].job_type #=> String, one of "ONE_TIME", "SCHEDULED"
resp.items[0].last_run_error_status.code #=> String, one of "NONE", "ERROR"
resp.items[0].name #=> String
resp.items[0].user_paused_details.job_expires_at #=> Time
resp.items[0].user_paused_details.job_imminent_expiration_health_event_arn #=> String
resp.items[0].user_paused_details.job_paused_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :filter_criteria (Types::ListJobsFilterCriteria)

    Specifies criteria for filtering the results of a request for information about classification jobs.

  • :max_results (Integer)
  • :next_token (String)
  • :sort_criteria (Types::ListJobsSortCriteria)

    Specifies criteria for sorting the results of a request for information about classification jobs.

Returns:

See Also:



2795
2796
2797
2798
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2795

def list_classification_jobs(params = {}, options = {})
  req = build_request(:list_classification_jobs, params)
  req.send_request(options)
end

#list_classification_scopes(params = {}) ⇒ Types::ListClassificationScopesResponse

Retrieves a subset of information about the classification scope for an account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_classification_scopes({
  name: "__string",
  next_token: "__string",
})

Response structure


resp.classification_scopes #=> Array
resp.classification_scopes[0].id #=> String
resp.classification_scopes[0].name #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :name (String)
  • :next_token (String)

Returns:

See Also:



2832
2833
2834
2835
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2832

def list_classification_scopes(params = {}, options = {})
  req = build_request(:list_classification_scopes, params)
  req.send_request(options)
end

#list_custom_data_identifiers(params = {}) ⇒ Types::ListCustomDataIdentifiersResponse

Retrieves a subset of information about the custom data identifiers for an account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_custom_data_identifiers({
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.items #=> Array
resp.items[0].arn #=> String
resp.items[0].created_at #=> Time
resp.items[0].description #=> String
resp.items[0].id #=> String
resp.items[0].name #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)
  • :next_token (String)

Returns:

See Also:



2872
2873
2874
2875
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2872

def list_custom_data_identifiers(params = {}, options = {})
  req = build_request(:list_custom_data_identifiers, params)
  req.send_request(options)
end

#list_findings(params = {}) ⇒ Types::ListFindingsResponse

Retrieves a subset of information about one or more findings.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_findings({
  finding_criteria: {
    criterion: {
      "__string" => {
        eq: ["__string"],
        eq_exact_match: ["__string"],
        gt: 1,
        gte: 1,
        lt: 1,
        lte: 1,
        neq: ["__string"],
      },
    },
  },
  max_results: 1,
  next_token: "__string",
  sort_criteria: {
    attribute_name: "__string",
    order_by: "ASC", # accepts ASC, DESC
  },
})

Response structure


resp.finding_ids #=> Array
resp.finding_ids[0] #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :finding_criteria (Types::FindingCriteria)

    Specifies, as a map, one or more property-based conditions that filter the results of a query for findings.

  • :max_results (Integer)
  • :next_token (String)
  • :sort_criteria (Types::SortCriteria)

    Specifies criteria for sorting the results of a request for findings.

Returns:

See Also:



2931
2932
2933
2934
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2931

def list_findings(params = {}, options = {})
  req = build_request(:list_findings, params)
  req.send_request(options)
end

#list_findings_filters(params = {}) ⇒ Types::ListFindingsFiltersResponse

Retrieves a subset of information about all the findings filters for an account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_findings_filters({
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.findings_filter_list_items #=> Array
resp.findings_filter_list_items[0].action #=> String, one of "ARCHIVE", "NOOP"
resp.findings_filter_list_items[0].arn #=> String
resp.findings_filter_list_items[0].id #=> String
resp.findings_filter_list_items[0].name #=> String
resp.findings_filter_list_items[0].tags #=> Hash
resp.findings_filter_list_items[0].tags["__string"] #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)
  • :next_token (String)

Returns:

See Also:



2972
2973
2974
2975
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 2972

def list_findings_filters(params = {}, options = {})
  req = build_request(:list_findings_filters, params)
  req.send_request(options)
end

#list_invitations(params = {}) ⇒ Types::ListInvitationsResponse

Retrieves information about Amazon Macie membership invitations that were received by an account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_invitations({
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.invitations #=> Array
resp.invitations[0]. #=> String
resp.invitations[0].invitation_id #=> String
resp.invitations[0].invited_at #=> Time
resp.invitations[0].relationship_status #=> String, one of "Enabled", "Paused", "Invited", "Created", "Removed", "Resigned", "EmailVerificationInProgress", "EmailVerificationFailed", "RegionDisabled", "AccountSuspended"
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)
  • :next_token (String)

Returns:

See Also:



3011
3012
3013
3014
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3011

def list_invitations(params = {}, options = {})
  req = build_request(:list_invitations, params)
  req.send_request(options)
end

#list_managed_data_identifiers(params = {}) ⇒ Types::ListManagedDataIdentifiersResponse

Retrieves information about all the managed data identifiers that Amazon Macie currently provides.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_managed_data_identifiers({
  next_token: "__string",
})

Response structure


resp.items #=> Array
resp.items[0].category #=> String, one of "FINANCIAL_INFORMATION", "PERSONAL_INFORMATION", "CREDENTIALS", "CUSTOM_IDENTIFIER"
resp.items[0].id #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)

Returns:

See Also:



3045
3046
3047
3048
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3045

def list_managed_data_identifiers(params = {}, options = {})
  req = build_request(:list_managed_data_identifiers, params)
  req.send_request(options)
end

#list_members(params = {}) ⇒ Types::ListMembersResponse

Retrieves information about the accounts that are associated with an Amazon Macie administrator account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_members({
  max_results: 1,
  next_token: "__string",
  only_associated: "__string",
})

Response structure


resp.members #=> Array
resp.members[0]. #=> String
resp.members[0]. #=> String
resp.members[0].arn #=> String
resp.members[0].email #=> String
resp.members[0].invited_at #=> Time
resp.members[0]. #=> String
resp.members[0].relationship_status #=> String, one of "Enabled", "Paused", "Invited", "Created", "Removed", "Resigned", "EmailVerificationInProgress", "EmailVerificationFailed", "RegionDisabled", "AccountSuspended"
resp.members[0].tags #=> Hash
resp.members[0].tags["__string"] #=> String
resp.members[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)
  • :next_token (String)
  • :only_associated (String)

Returns:

See Also:



3093
3094
3095
3096
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3093

def list_members(params = {}, options = {})
  req = build_request(:list_members, params)
  req.send_request(options)
end

#list_organization_admin_accounts(params = {}) ⇒ Types::ListOrganizationAdminAccountsResponse

Retrieves information about the delegated Amazon Macie administrator account for an organization in Organizations.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_organization_admin_accounts({
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.admin_accounts #=> Array
resp.admin_accounts[0]. #=> String
resp.admin_accounts[0].status #=> String, one of "ENABLED", "DISABLING_IN_PROGRESS"
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)
  • :next_token (String)

Returns:

See Also:



3130
3131
3132
3133
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3130

def list_organization_admin_accounts(params = {}, options = {})
  req = build_request(:list_organization_admin_accounts, params)
  req.send_request(options)
end

#list_resource_profile_artifacts(params = {}) ⇒ Types::ListResourceProfileArtifactsResponse

Retrieves information about objects that Amazon Macie selected from an S3 bucket for automated sensitive data discovery.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_resource_profile_artifacts({
  next_token: "__string",
  resource_arn: "__string", # required
})

Response structure


resp.artifacts #=> Array
resp.artifacts[0].arn #=> String
resp.artifacts[0].classification_result_status #=> String
resp.artifacts[0].sensitive #=> Boolean
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)
  • :resource_arn (required, String)

Returns:

See Also:



3168
3169
3170
3171
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3168

def list_resource_profile_artifacts(params = {}, options = {})
  req = build_request(:list_resource_profile_artifacts, params)
  req.send_request(options)
end

#list_resource_profile_detections(params = {}) ⇒ Types::ListResourceProfileDetectionsResponse

Retrieves information about the types and amount of sensitive data that Amazon Macie found in an S3 bucket.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_resource_profile_detections({
  max_results: 1,
  next_token: "__string",
  resource_arn: "__string", # required
})

Response structure


resp.detections #=> Array
resp.detections[0].arn #=> String
resp.detections[0].count #=> Integer
resp.detections[0].id #=> String
resp.detections[0].name #=> String
resp.detections[0].suppressed #=> Boolean
resp.detections[0].type #=> String, one of "CUSTOM", "MANAGED"
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)
  • :next_token (String)
  • :resource_arn (required, String)

Returns:

See Also:



3212
3213
3214
3215
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3212

def list_resource_profile_detections(params = {}, options = {})
  req = build_request(:list_resource_profile_detections, params)
  req.send_request(options)
end

#list_sensitivity_inspection_templates(params = {}) ⇒ Types::ListSensitivityInspectionTemplatesResponse

Retrieves a subset of information about the sensitivity inspection template for an account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_sensitivity_inspection_templates({
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.next_token #=> String
resp.sensitivity_inspection_templates #=> Array
resp.sensitivity_inspection_templates[0].id #=> String
resp.sensitivity_inspection_templates[0].name #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)
  • :next_token (String)

Returns:

See Also:



3249
3250
3251
3252
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3249

def list_sensitivity_inspection_templates(params = {}, options = {})
  req = build_request(:list_sensitivity_inspection_templates, params)
  req.send_request(options)
end

#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse

Retrieves the tags (keys and values) that are associated with an Amazon Macie resource.

Examples:

Request syntax with placeholder values


resp = client.list_tags_for_resource({
  resource_arn: "__string", # required
})

Response structure


resp.tags #=> Hash
resp.tags["__string"] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)

Returns:

See Also:



3278
3279
3280
3281
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3278

def list_tags_for_resource(params = {}, options = {})
  req = build_request(:list_tags_for_resource, params)
  req.send_request(options)
end

#put_classification_export_configuration(params = {}) ⇒ Types::PutClassificationExportConfigurationResponse

Adds or updates the configuration settings for storing data classification results.

Examples:

Request syntax with placeholder values


resp = client.put_classification_export_configuration({
  configuration: { # required
    s3_destination: {
      bucket_name: "__string", # required
      key_prefix: "__string",
      kms_key_arn: "__string", # required
    },
  },
})

Response structure


resp.configuration.s3_destination.bucket_name #=> String
resp.configuration.s3_destination.key_prefix #=> String
resp.configuration.s3_destination.kms_key_arn #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :configuration (required, Types::ClassificationExportConfiguration)

    Specifies where to store data classification results, and the encryption settings to use when storing results in that location. The location must be an S3 general purpose bucket.

Returns:

See Also:



3317
3318
3319
3320
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3317

def put_classification_export_configuration(params = {}, options = {})
  req = build_request(:put_classification_export_configuration, params)
  req.send_request(options)
end

#put_findings_publication_configuration(params = {}) ⇒ Struct

Updates the configuration settings for publishing findings to Security Hub.

Examples:

Request syntax with placeholder values


resp = client.put_findings_publication_configuration({
  client_token: "__string",
  security_hub_configuration: {
    publish_classification_findings: false, # required
    publish_policy_findings: false, # required
  },
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_token (String)

    A suitable default value is auto-generated. You should normally not need to pass this option.**

  • :security_hub_configuration (Types::SecurityHubConfiguration)

    Specifies configuration settings that determine which findings are published to Security Hub automatically. For information about how Macie publishes findings to Security Hub, see Evaluating findings with Security Hub in the Amazon Macie User Guide.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3355
3356
3357
3358
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3355

def put_findings_publication_configuration(params = {}, options = {})
  req = build_request(:put_findings_publication_configuration, params)
  req.send_request(options)
end

#search_resources(params = {}) ⇒ Types::SearchResourcesResponse

Retrieves (queries) statistical data and other information about Amazon Web Services resources that Amazon Macie monitors and analyzes for an account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.search_resources({
  bucket_criteria: {
    excludes: {
      and: [
        {
          simple_criterion: {
            comparator: "EQ", # accepts EQ, NE
            key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS, AUTOMATED_DISCOVERY_MONITORING_STATUS
            values: ["__string"],
          },
          tag_criterion: {
            comparator: "EQ", # accepts EQ, NE
            tag_values: [
              {
                key: "__string",
                value: "__string",
              },
            ],
          },
        },
      ],
    },
    includes: {
      and: [
        {
          simple_criterion: {
            comparator: "EQ", # accepts EQ, NE
            key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS, AUTOMATED_DISCOVERY_MONITORING_STATUS
            values: ["__string"],
          },
          tag_criterion: {
            comparator: "EQ", # accepts EQ, NE
            tag_values: [
              {
                key: "__string",
                value: "__string",
              },
            ],
          },
        },
      ],
    },
  },
  max_results: 1,
  next_token: "__string",
  sort_criteria: {
    attribute_name: "ACCOUNT_ID", # accepts ACCOUNT_ID, RESOURCE_NAME, S3_CLASSIFIABLE_OBJECT_COUNT, S3_CLASSIFIABLE_SIZE_IN_BYTES
    order_by: "ASC", # accepts ASC, DESC
  },
})

Response structure


resp.matching_resources #=> Array
resp.matching_resources[0].matching_bucket. #=> String
resp.matching_resources[0].matching_bucket.automated_discovery_monitoring_status #=> String, one of "MONITORED", "NOT_MONITORED"
resp.matching_resources[0].matching_bucket.bucket_name #=> String
resp.matching_resources[0].matching_bucket.classifiable_object_count #=> Integer
resp.matching_resources[0].matching_bucket.classifiable_size_in_bytes #=> Integer
resp.matching_resources[0].matching_bucket.error_code #=> String, one of "ACCESS_DENIED", "BUCKET_COUNT_EXCEEDS_QUOTA"
resp.matching_resources[0].matching_bucket.error_message #=> String
resp.matching_resources[0].matching_bucket.job_details.is_defined_in_job #=> String, one of "TRUE", "FALSE", "UNKNOWN"
resp.matching_resources[0].matching_bucket.job_details.is_monitored_by_job #=> String, one of "TRUE", "FALSE", "UNKNOWN"
resp.matching_resources[0].matching_bucket.job_details.last_job_id #=> String
resp.matching_resources[0].matching_bucket.job_details.last_job_run_time #=> Time
resp.matching_resources[0].matching_bucket.last_automated_discovery_time #=> Time
resp.matching_resources[0].matching_bucket.object_count #=> Integer
resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.customer_managed #=> Integer
resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.kms_managed #=> Integer
resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.s3_managed #=> Integer
resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.unencrypted #=> Integer
resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.unknown #=> Integer
resp.matching_resources[0].matching_bucket.sensitivity_score #=> Integer
resp.matching_resources[0].matching_bucket.size_in_bytes #=> Integer
resp.matching_resources[0].matching_bucket.size_in_bytes_compressed #=> Integer
resp.matching_resources[0].matching_bucket.unclassifiable_object_count.file_type #=> Integer
resp.matching_resources[0].matching_bucket.unclassifiable_object_count.storage_class #=> Integer
resp.matching_resources[0].matching_bucket.unclassifiable_object_count.total #=> Integer
resp.matching_resources[0].matching_bucket.unclassifiable_object_size_in_bytes.file_type #=> Integer
resp.matching_resources[0].matching_bucket.unclassifiable_object_size_in_bytes.storage_class #=> Integer
resp.matching_resources[0].matching_bucket.unclassifiable_object_size_in_bytes.total #=> Integer
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :bucket_criteria (Types::SearchResourcesBucketCriteria)

    Specifies property- and tag-based conditions that define filter criteria for including or excluding S3 buckets from the query results. Exclude conditions take precedence over include conditions.

  • :max_results (Integer)
  • :next_token (String)
  • :sort_criteria (Types::SearchResourcesSortCriteria)

    Specifies criteria for sorting the results of a query for information about Amazon Web Services resources that Amazon Macie monitors and analyzes.

Returns:

See Also:



3474
3475
3476
3477
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3474

def search_resources(params = {}, options = {})
  req = build_request(:search_resources, params)
  req.send_request(options)
end

#tag_resource(params = {}) ⇒ Struct

Adds or updates one or more tags (keys and values) that are associated with an Amazon Macie resource.

Examples:

Request syntax with placeholder values


resp = client.tag_resource({
  resource_arn: "__string", # required
  tags: { # required
    "__string" => "__string",
  },
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)
  • :tags (required, Hash<String,String>)

    A string-to-string map of key-value pairs that specifies the tags (keys and values) for an Amazon Macie resource.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3503
3504
3505
3506
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3503

def tag_resource(params = {}, options = {})
  req = build_request(:tag_resource, params)
  req.send_request(options)
end

#test_custom_data_identifier(params = {}) ⇒ Types::TestCustomDataIdentifierResponse

Tests criteria for a custom data identifier.

Examples:

Request syntax with placeholder values


resp = client.test_custom_data_identifier({
  ignore_words: ["__string"],
  keywords: ["__string"],
  maximum_match_distance: 1,
  regex: "__string", # required
  sample_text: "__string", # required
})

Response structure


resp.match_count #=> Integer

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :ignore_words (Array<String>)
  • :keywords (Array<String>)
  • :maximum_match_distance (Integer)
  • :regex (required, String)
  • :sample_text (required, String)

Returns:

See Also:



3542
3543
3544
3545
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3542

def test_custom_data_identifier(params = {}, options = {})
  req = build_request(:test_custom_data_identifier, params)
  req.send_request(options)
end

#untag_resource(params = {}) ⇒ Struct

Removes one or more tags (keys and values) from an Amazon Macie resource.

Examples:

Request syntax with placeholder values


resp = client.untag_resource({
  resource_arn: "__string", # required
  tag_keys: ["__string"], # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)
  • :tag_keys (required, Array<String>)

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3567
3568
3569
3570
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3567

def untag_resource(params = {}, options = {})
  req = build_request(:untag_resource, params)
  req.send_request(options)
end

#update_allow_list(params = {}) ⇒ Types::UpdateAllowListResponse

Updates the settings for an allow list.

Examples:

Request syntax with placeholder values


resp = client.update_allow_list({
  criteria: { # required
    regex: "__stringMin1Max512PatternSS",
    s3_words_list: {
      bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
      object_key: "__stringMin1Max1024PatternSS", # required
    },
  },
  description: "__stringMin1Max512PatternSS",
  id: "__string", # required
  name: "__stringMin1Max128Pattern", # required
})

Response structure


resp.arn #=> String
resp.id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :criteria (required, Types::AllowListCriteria)

    Specifies the criteria for an allow list. The criteria must specify a regular expression (regex) or an S3 object (s3WordsList). It can't specify both.

  • :description (String)
  • :id (required, String)
  • :name (required, String)

Returns:

See Also:



3614
3615
3616
3617
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3614

def update_allow_list(params = {}, options = {})
  req = build_request(:update_allow_list, params)
  req.send_request(options)
end

#update_automated_discovery_configuration(params = {}) ⇒ Struct

Changes the configuration settings and status of automated sensitive data discovery for an organization or standalone account.

Examples:

Request syntax with placeholder values


resp = client.update_automated_discovery_configuration({
  auto_enable_organization_members: "ALL", # accepts ALL, NEW, NONE
  status: "ENABLED", # required, accepts ENABLED, DISABLED
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :auto_enable_organization_members (String)

    Specifies whether to automatically enable automated sensitive data discovery for accounts that are part of an organization in Amazon Macie. Valid values are:

  • :status (required, String)

    The status of the automated sensitive data discovery configuration for an organization in Amazon Macie or a standalone Macie account. Valid values are:

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3645
3646
3647
3648
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3645

def update_automated_discovery_configuration(params = {}, options = {})
  req = build_request(:update_automated_discovery_configuration, params)
  req.send_request(options)
end

#update_classification_job(params = {}) ⇒ Struct

Changes the status of a classification job.

Examples:

Request syntax with placeholder values


resp = client.update_classification_job({
  job_id: "__string", # required
  job_status: "RUNNING", # required, accepts RUNNING, PAUSED, CANCELLED, COMPLETE, IDLE, USER_PAUSED
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :job_id (required, String)
  • :job_status (required, String)

    The status of a classification job. Possible values are:

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3670
3671
3672
3673
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3670

def update_classification_job(params = {}, options = {})
  req = build_request(:update_classification_job, params)
  req.send_request(options)
end

#update_classification_scope(params = {}) ⇒ Struct

Updates the classification scope settings for an account.

Examples:

Request syntax with placeholder values


resp = client.update_classification_scope({
  id: "__string", # required
  s3: {
    excludes: { # required
      bucket_names: ["S3BucketName"], # required
      operation: "ADD", # required, accepts ADD, REPLACE, REMOVE
    },
  },
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)
  • :s3 (Types::S3ClassificationScopeUpdate)

    Specifies changes to the list of S3 buckets that are excluded from automated sensitive data discovery for an Amazon Macie account.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3701
3702
3703
3704
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3701

def update_classification_scope(params = {}, options = {})
  req = build_request(:update_classification_scope, params)
  req.send_request(options)
end

#update_findings_filter(params = {}) ⇒ Types::UpdateFindingsFilterResponse

Updates the criteria and other settings for a findings filter.

Examples:

Request syntax with placeholder values


resp = client.update_findings_filter({
  action: "ARCHIVE", # accepts ARCHIVE, NOOP
  client_token: "__string",
  description: "__string",
  finding_criteria: {
    criterion: {
      "__string" => {
        eq: ["__string"],
        eq_exact_match: ["__string"],
        gt: 1,
        gte: 1,
        lt: 1,
        lte: 1,
        neq: ["__string"],
      },
    },
  },
  id: "__string", # required
  name: "__string",
  position: 1,
})

Response structure


resp.arn #=> String
resp.id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :action (String)

    The action to perform on findings that match the filter criteria. To suppress (automatically archive) findings that match the criteria, set this value to ARCHIVE. Valid values are:

  • :client_token (String)

    A suitable default value is auto-generated. You should normally not need to pass this option.**

  • :description (String)
  • :finding_criteria (Types::FindingCriteria)

    Specifies, as a map, one or more property-based conditions that filter the results of a query for findings.

  • :id (required, String)
  • :name (String)
  • :position (Integer)

Returns:

See Also:



3767
3768
3769
3770
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3767

def update_findings_filter(params = {}, options = {})
  req = build_request(:update_findings_filter, params)
  req.send_request(options)
end

#update_macie_session(params = {}) ⇒ Struct

Suspends or re-enables Amazon Macie, or updates the configuration settings for a Macie account.

Examples:

Request syntax with placeholder values


resp = client.update_macie_session({
  finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
  status: "PAUSED", # accepts PAUSED, ENABLED
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :finding_publishing_frequency (String)

    The frequency with which Amazon Macie publishes updates to policy findings for an account. This includes publishing updates to Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events). For more information, see Monitoring and processing findings in the Amazon Macie User Guide. Valid values are:

  • :status (String)

    The status of an Amazon Macie account. Valid values are:

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3802
3803
3804
3805
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3802

def update_macie_session(params = {}, options = {})
  req = build_request(:update_macie_session, params)
  req.send_request(options)
end

#update_member_session(params = {}) ⇒ Struct

Enables an Amazon Macie administrator to suspend or re-enable Macie for a member account.

Examples:

Request syntax with placeholder values


resp = client.update_member_session({
  id: "__string", # required
  status: "PAUSED", # required, accepts PAUSED, ENABLED
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :id (required, String)
  • :status (required, String)

    The status of an Amazon Macie account. Valid values are:

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3828
3829
3830
3831
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3828

def update_member_session(params = {}, options = {})
  req = build_request(:update_member_session, params)
  req.send_request(options)
end

#update_organization_configuration(params = {}) ⇒ Struct

Updates the Amazon Macie configuration settings for an organization in Organizations.

Examples:

Request syntax with placeholder values


resp = client.update_organization_configuration({
  auto_enable: false, # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :auto_enable (required, Boolean)

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3850
3851
3852
3853
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3850

def update_organization_configuration(params = {}, options = {})
  req = build_request(:update_organization_configuration, params)
  req.send_request(options)
end

#update_resource_profile(params = {}) ⇒ Struct

Updates the sensitivity score for an S3 bucket.

Examples:

Request syntax with placeholder values


resp = client.update_resource_profile({
  resource_arn: "__string", # required
  sensitivity_score_override: 1,
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)
  • :sensitivity_score_override (Integer)

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3874
3875
3876
3877
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3874

def update_resource_profile(params = {}, options = {})
  req = build_request(:update_resource_profile, params)
  req.send_request(options)
end

#update_resource_profile_detections(params = {}) ⇒ Struct

Updates the sensitivity scoring settings for an S3 bucket.

Examples:

Request syntax with placeholder values


resp = client.update_resource_profile_detections({
  resource_arn: "__string", # required
  suppress_data_identifiers: [
    {
      id: "__string",
      type: "CUSTOM", # accepts CUSTOM, MANAGED
    },
  ],
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3903
3904
3905
3906
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3903

def update_resource_profile_detections(params = {}, options = {})
  req = build_request(:update_resource_profile_detections, params)
  req.send_request(options)
end

#update_reveal_configuration(params = {}) ⇒ Types::UpdateRevealConfigurationResponse

Updates the status and configuration settings for retrieving occurrences of sensitive data reported by findings.

Examples:

Request syntax with placeholder values


resp = client.update_reveal_configuration({
  configuration: { # required
    kms_key_id: "__stringMin1Max2048",
    status: "ENABLED", # required, accepts ENABLED, DISABLED
  },
  retrieval_configuration: {
    retrieval_mode: "CALLER_CREDENTIALS", # required, accepts CALLER_CREDENTIALS, ASSUME_ROLE
    role_name: "__stringMin1Max64PatternW",
  },
})

Response structure


resp.configuration.kms_key_id #=> String
resp.configuration.status #=> String, one of "ENABLED", "DISABLED"
resp.retrieval_configuration.external_id #=> String
resp.retrieval_configuration.retrieval_mode #=> String, one of "CALLER_CREDENTIALS", "ASSUME_ROLE"
resp.retrieval_configuration.role_name #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :configuration (required, Types::RevealConfiguration)

    Specifies the status of the Amazon Macie configuration for retrieving occurrences of sensitive data reported by findings, and the Key Management Service (KMS) key to use to encrypt sensitive data that's retrieved. When you enable the configuration for the first time, your request must specify an KMS key. Otherwise, an error occurs.

  • :retrieval_configuration (Types::UpdateRetrievalConfiguration)

    Specifies the access method and settings to use when retrieving occurrences of sensitive data reported by findings. If your request specifies an Identity and Access Management (IAM) role to assume, Amazon Macie verifies that the role exists and the attached policies are configured correctly. If there's an issue, Macie returns an error. For information about addressing the issue, see Configuration options for retrieving sensitive data samples in the Amazon Macie User Guide.

Returns:

See Also:



3962
3963
3964
3965
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 3962

def update_reveal_configuration(params = {}, options = {})
  req = build_request(:update_reveal_configuration, params)
  req.send_request(options)
end

#update_sensitivity_inspection_template(params = {}) ⇒ Struct

Updates the settings for the sensitivity inspection template for an account.

Examples:

Request syntax with placeholder values


resp = client.update_sensitivity_inspection_template({
  description: "__string",
  excludes: {
    managed_data_identifier_ids: ["__string"],
  },
  id: "__string", # required
  includes: {
    allow_list_ids: ["__string"],
    custom_data_identifier_ids: ["__string"],
    managed_data_identifier_ids: ["__string"],
  },
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :description (String)
  • :excludes (Types::SensitivityInspectionTemplateExcludes)

    Specifies managed data identifiers to exclude (not use) when performing automated sensitive data discovery. For information about the managed data identifiers that Amazon Macie currently provides, see Using managed data identifiers in the Amazon Macie User Guide.

  • :id (required, String)
  • :includes (Types::SensitivityInspectionTemplateIncludes)

    Specifies the allow lists, custom data identifiers, and managed data identifiers to include (use) when performing automated sensitive data discovery. The configuration must specify at least one custom data identifier or managed data identifier. For information about the managed data identifiers that Amazon Macie currently provides, see Using managed data identifiers in the Amazon Macie User Guide.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



4017
4018
4019
4020
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 4017

def update_sensitivity_inspection_template(params = {}, options = {})
  req = build_request(:update_sensitivity_inspection_template, params)
  req.send_request(options)
end

#wait_until(waiter_name, params = {}, options = {}) {|w.waiter| ... } ⇒ Boolean

Polls an API operation until a resource enters a desired state.

Basic Usage

A waiter will call an API operation until:

  • It is successful
  • It enters a terminal state
  • It makes the maximum number of attempts

In between attempts, the waiter will sleep.

# polls in a loop, sleeping between attempts
client.wait_until(waiter_name, params)

Configuration

You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. You can pass configuration as the final arguments hash.

# poll for ~25 seconds
client.wait_until(waiter_name, params, {
  max_attempts: 5,
  delay: 5,
})

Callbacks

You can be notified before each polling attempt and before each delay. If you throw :success or :failure from these callbacks, it will terminate the waiter.

started_at = Time.now
client.wait_until(waiter_name, params, {

  # disable max attempts
  max_attempts: nil,

  # poll for 1 hour, instead of a number of attempts
  before_wait: -> (attempts, response) do
    throw :failure if Time.now - started_at > 3600
  end
})

Handling Errors

When a waiter is unsuccessful, it will raise an error. All of the failure errors extend from Waiters::Errors::WaiterFailed.

begin
  client.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
  # resource did not enter the desired state in time
end

Valid Waiters

The following table lists the valid waiter names, the operations they call, and the default :delay and :max_attempts values.

waiter_name params :delay :max_attempts
finding_revealed #get_sensitive_data_occurrences 2 60

Parameters:

  • waiter_name (Symbol)
  • params (Hash) (defaults to: {})

    ({})

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :max_attempts (Integer)
  • :delay (Integer)
  • :before_attempt (Proc)
  • :before_wait (Proc)

Yields:

  • (w.waiter)

Returns:

  • (Boolean)

    Returns true if the waiter was successful.

Raises:

  • (Errors::FailureStateError)

    Raised when the waiter terminates because the waiter has entered a state that it will not transition out of, preventing success.

  • (Errors::TooManyAttemptsError)

    Raised when the configured maximum number of attempts have been made, and the waiter is not yet successful.

  • (Errors::UnexpectedError)

    Raised when an error is encounted while polling for a resource that is not expected.

  • (Errors::NoSuchWaiterError)

    Raised when you request to wait for an unknown state.



4132
4133
4134
4135
4136
# File 'gems/aws-sdk-macie2/lib/aws-sdk-macie2/client.rb', line 4132

def wait_until(waiter_name, params = {}, options = {})
  w = waiter(waiter_name, options)
  yield(w.waiter) if block_given? # deprecated
  w.wait(params)
end